Vault Enterprise Namespace Creation May Lead to Denial of Service
CVE-2023-3774
4.9MEDIUM
Summary
An unhandled error in Vault Enterprise's namespace creation may cause the Vault process to crash, potentially resulting in denial of service. Fixed in 1.14.1, 1.13.5, and 1.12.9.
Affected Version(s)
Vault Enterprise = 1.14.0
Vault Enterprise = 1.13.4
Vault Enterprise = 1.12.8
CVSS V3.1
Score:
4.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database