VDB
GCVE-110-HCSEC-2025-0004
GCVE-110-HCSEC-2025-0004
Advisory Published
Bulletin ID: HCSEC-2025-22 Affected Products / Versions: HashiCorp recently published eight security bulletins for issues impacting Vault and Vault Enterprise, all of which have been addressed in the latest Vault versions: 1.20.2, 1.19.8, 1.18.13, and 1.16.24. Publication Date: August 6, 2025 Summary HashiCorp recently published eight security bulletins for issues impacting Vault Community Edition and Vault Enterprise, all of which have been addressed in the latest Vault versions: 1.20.2, 1.19.8, 1.18.13, and 1.16.24. Background Earlier this year, a security researcher reported multiple vulnerabilities impacting Vault and Vault Enterprise. These vulnerabilities range in severity and exploitability, but generally focus on core authentication flows. The vulnerabilities are: HCSEC-2025-20 - Vault LDAP MFA Enforcement Bypass When Using Username As Alias HCSEC-2025-19 - Vault Login MFA Bypass of Rate Limiting and TOTP Token Reuse HCSEC-2025-18 - Vault Certificate Auth Method Did Not Validate Common Name For Non-CA Certificates HCSEC-2025-17 - Vault TOTP Secrets Engine Code Reuse HCSEC-2025-16 - Vault Userpass and LDAP User Lockout Bypass HCSEC-2025-15 - Timing Side-Channel in Vault’s Userpass Auth Method HCSEC-2025-14 - Privileged Vault Operator May Execute Code on the Underlying Host HCSEC-2025-13 - Vault Root Namespace Operator May Elevate Token Privileges In addition, HashiCorp has published a bulletin for a vulnerability that has been disclosed but is not yet remediated. While we believe this issue presents a low-risk, this bulletin includes details and guidance for operators who wish to mitigate the vulnerability until a fix is available: HCSEC-2025-21 - Vault User Enumeration in Userpass Auth Method The vulnerabilities only affect Vault when running as a server, they do not affect Vault’s SDK, Vault running as a client (CLI), or Vault running in agent or proxy modes. Remediation Customers should evaluate the risk associated with each issue and consider upgrading to Vault Community Edition 1.20.2 or Vault Enterprise 1.20.2, 1.19.8, 1.18.13, and 1.16.24. Please refer to Upgrading Vault for general guidance. Acknowledgement HashiCorp thanks Yarden Porat and the Cyata Security team for disclosing these issues, as well as their collaboration on the remediation and disclosure of these issues. We deeply appreciate any effort to coordinate disclosure of security vulnerabilities. For information about security at HashiCorp and the reporting of security vulnerabilities, please see https://hashicorp.com/security . 1 post - 1 participant Read full topic
Aliases
Browse GCVE Records
72,409 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.