TLS Certificate Authentication Issue in HashiCorp Vault Products
CVE-2025-6037
6.8 MEDIUM
What is CVE-2025-6037?
The TLS certificate authentication method in HashiCorp Vault improperly validates client certificates when a non-CA certificate is configured as a trusted certificate. This vulnerability allows an attacker to create a malicious certificate that could be used to impersonate another user. Users of Vault are advised to upgrade to the fixed versions so that proper validation is in place.
Affected Version(s)
Vault (64 bit): versions from 0 up to, but not including, 1.20.1
Vault Enterprise (64 bit): versions from 0 up to, but not including, 1.20.1