VDB
CVE-2025-6015
CVE-2025-6015
PUBLISHED
Vault and Vault Enterprise’s (“Vault”) login MFA rate limits could be bypassed and TOTP tokens could be reused. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.
EPSS 0.07% · 22.1th percentile
Risk Scores
EPSS Score
0.07%
22.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | vault | 1.10.0 |
| Bitnami | vault | 1.10.0 |
Exploit Intelligence
Timeline
- Aug 1, 2025 CVE Published
- Aug 2, 2025 EPSS Score
- Aug 11, 2025 EPSS Score
- Aug 19, 2025 EPSS Score
- Aug 28, 2025 EPSS Score
- Sep 6, 2025 EPSS Score
- Sep 14, 2025 EPSS Score
- Sep 23, 2025 EPSS Score
- Oct 2, 2025 EPSS Score
- Oct 10, 2025 EPSS Score
- Oct 19, 2025 EPSS Score
- Oct 28, 2025 EPSS Score