VDB
CVE-2025-6004
CVE-2025-6004
PUBLISHED
Vault and Vault Enterprise’s (“Vault”) user lockout feature could be bypassed for Userpass and LDAP authentication methods. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.
EPSS 0.12% · 29.9th percentile
Risk Scores
EPSS Score
0.12%
29.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | vault | 1.13.0 |
| Bitnami | vault | 1.13.0 |
Timeline
- Aug 1, 2025 CVE Published
- Aug 1, 2025 Coalition ESS Score
- Aug 2, 2025 EPSS Score
- Aug 4, 2025 Coalition ESS Score
- Aug 6, 2025 Coalition ESS Score
- Aug 8, 2025 PoC Published
- Aug 11, 2025 EPSS Score
- Aug 12, 2025 Coalition ESS Score
- Aug 13, 2025 Coalition ESS Score
- Aug 19, 2025 EPSS Score
- Aug 22, 2025 Coalition ESS Score
- Aug 26, 2025 Coalition ESS Score