cve/CVE-2020-16250.md at eda58812c5773678e9432b65209fee245db925e7

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-07 19:16:22 +00:00

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

894 B

Raw Blame History

CVE-2020-16250

Description

HashiCorp Vault and Vault Enterprise versions 0.7.1 and newer, when configured with the AWS IAM auth method, may be vulnerable to authentication bypass. Fixed in 1.2.5, 1.3.8, 1.4.4, and 1.5.1..

POC

Reference

http://packetstormsecurity.com/files/159478/Hashicorp-Vault-AWS-IAM-Integration-Authentication-Bypass.html
http://packetstormsecurity.com/files/159478/Hashicorp-Vault-AWS-IAM-Integration-Authentication-Bypass.html

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/ckotzbauer/vulnerability-operator

894 B Raw Blame History

CVE-2020-16250

Description

POC

Reference

Github

894 B

Raw Blame History