CVE-2018-19786

N/A

Description

HashiCorp Vault before 1.0.0 writes the master key to the server log in certain unusual or misconfigured scenarios in which incorrect data comes from the autoseal mechanism without an error being reported.

CVE Details

CVSS v3.1 ScoreN/A

Published12/5/2018

Last Modified11/21/2024

Sourcenvd

Honeypot Sightings0

Affected Products

hashicorp:vault

Weaknesses (CWE)

CWE-532

References

https://github.com/hashicorp/vault/blob/master/CHANGELOG.md#100-december-3rd-2018(cve@mitre.org)

https://github.com/hashicorp/vault/blob/master/CHANGELOG.md#100-december-3rd-2018(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.