Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
HashiCorp Vault and Vault Enterprise 0.11.0 up to 1.7.5 and 1.8.4 templated ACL policies would always match the first-created entity alias if multiple entity aliases exist for a specified entity and mount combination, potentially resulting in incorrect policy enforcement. Fixed in Vault and Vault Enterprise 1.7.6, 1.8.5, and 1.9.0.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
HashiCorp Vault 安全漏洞
Vulnerability Description
Hashicorp HashiCorp Vault是美国HashiCorp(Hashicorp)公司的一款私钥访问管理工具。 HashiCorp Vault and Vault Enterprise存在安全漏洞,该漏洞源于软件模板化的ACL策略总是匹配第一个创建的实体别名,如果指定的实体和挂载组合存在多个实体别名,可能导致不正确的策略实施。
CVSS Information
N/A
Vulnerability Type
N/A