CVE-2023-25000

Published Mar 30, 2023

Last updated a year ago

Overview

Description: HashiCorp Vault's implementation of Shamir's secret sharing used precomputed table lookups, and was vulnerable to cache-timing attacks. An attacker with access to, and the ability to observe a large number of unseal operations on the host through a side channel may reduce the search space of a brute force effort to recover the Shamir shares. Fixed in Vault 1.13.1, 1.12.5, and 1.11.9.
Source: security@hashicorp.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 3.1

Type: Primary
Base score: 4.7
Impact score: 3.6
Exploitability score: 1
Vector string: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM

Weaknesses

nvd@nist.gov: CWE-203
security@hashicorp.com: CWE-208

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:-:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C565DBD-95F4-4951-A029-93ABE5315740",
            "versionEndExcluding": "1.11.9"
          },
          {
            "criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "80EB9F32-09A4-469C-AF76-1AE3137EAC1B",
            "versionEndExcluding": "1.11.9"
          },
          {
            "criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:-:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "446F872F-F64C-44CA-85BC-144FCFBCFA8B",
            "versionEndExcluding": "1.12.5",
            "versionStartIncluding": "1.12.0"
          },
          {
            "criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "71A02FE6-C8D4-455D-A71A-C8353E1ECB7C",
            "versionEndExcluding": "1.12.5",
            "versionStartIncluding": "1.12.0"
          },
          {
            "criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:-:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "81280166-3DF7-4867-95E9-A7AFB9A12CE7",
            "versionEndExcluding": "1.13.1",
            "versionStartIncluding": "1.13.0"
          },
          {
            "criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C56E203C-1E18-4395-B500-B6EA695B16C0",
            "versionEndExcluding": "1.13.1",
            "versionStartIncluding": "1.13.0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 3.1

Weaknesses

Configurations

References