Denial of Service Vulnerability in HashiCorp Vault Community and Enterprise Products
CVE-2025-4656

3.1 LOW

Key Information:

Vendor: HashiCorp

CVE Published: 25 June 2025

What is CVE-2025-4656?

A vulnerability in HashiCorp Vault allows an operator to cause a denial of service during rekey and recovery key operations because of uncontrolled cancellations. This can disrupt operations and reduce service availability. Users of Vault Community and Vault Enterprise should upgrade to the latest versions to mitigate this risk and ensure the security and reliability of their Vault operations.

Affected Version(s)

Vault 64 bit 1.14.8 < 1.20.0

Vault Enterprise 64 bit 1.14.8 < 1.20.0

CVSS V3.1

Score: 3.1
Severity: LOW
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: Required
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
