Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Vault's Google Cloud Secrets Engine Removed Existing IAM Conditions When Creating / Updating Rolesets
Vulnerability Description
The Vault and Vault Enterprise ("Vault") Google Cloud secrets engine did not preserve existing Google Cloud IAM Conditions upon creating or updating rolesets. Fixed in Vault 1.13.0.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
Vulnerability Type
特权授予不正确
Vulnerability Title
HashiCorp Vault 安全漏洞
Vulnerability Description
HashiCorp Vault是美国HashiCorp公司的一款私钥访问管理工具。 HashiCorp Vault 1.13.0之前版本和Vault Enterprise 1.13.0之前版本存在安全漏洞,该漏洞源于在创建或更新角色集时不会保留现有的IAM条件。
CVSS Information
N/A
Vulnerability Type
N/A