VDB

CVE-2025-6015

CVE-2025-6015 PUBLISHED

Vault and Vault Enterprise’s (“Vault”) login MFA rate limits could be bypassed and TOTP tokens could be reused. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.

EPSS 0.07% · 22.1th percentile

Risk Scores

EPSS Score
0.07%
22.1th percentile

Affected Products

VendorProductVersions
Bitnamivault1.10.0
Bitnamivault1.10.0

Timeline

  • Aug 1, 2025 CVE Published
  • Aug 2, 2025 EPSS Score
  • Aug 11, 2025 EPSS Score
  • Aug 19, 2025 EPSS Score
  • Aug 28, 2025 EPSS Score
  • Sep 6, 2025 EPSS Score
  • Sep 14, 2025 EPSS Score
  • Sep 23, 2025 EPSS Score
  • Oct 2, 2025 EPSS Score
  • Oct 10, 2025 EPSS Score
  • Oct 19, 2025 EPSS Score
  • Oct 28, 2025 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›