Vulnerabilities > Hashicorp > Vault > 1.17.0

DATE CVE VULNERABILITY TITLE RISK
2024-10-10 CVE-2024-9180 Unspecified vulnerability in Hashicorp Vault
A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalate their own or another user’s privileges to Vault’s root policy.
network
low complexity
hashicorp
7.2
2024-09-02 CVE-2024-8365 Information Exposure Through Log Files vulnerability in Hashicorp Vault
Vault Community Edition and Vault Enterprise experienced a regression where functionality that HMAC’d sensitive headers in the configured audit device, specifically client tokens and token accessors, was removed.
network
low complexity
hashicorp CWE-532
6.5