Vulnerabilities > Hashicorp > Boundary > High

DATE CVE VULNERABILITY TITLE RISK
2024-02-05 CVE-2024-1052 Improper Certificate Validation vulnerability in Hashicorp Boundary
Boundary and Boundary Enterprise (“Boundary”) is vulnerable to session hijacking through TLS certificate tampering.
network
high complexity
hashicorp CWE-295
8.0
2023-02-08 CVE-2023-0690 Missing Encryption of Sensitive Data vulnerability in Hashicorp Boundary
HashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS.
local
low complexity
hashicorp CWE-311
7.1