CVE-2024-6468

ANC

High

Vault and Vault Enterprise did not properly handle requests originating from unauthorized IP addresses when the TCP listener option, proxy_…

CVSS

7.5

High

EPSS

0.00

p60

Published

2024-01-01

Updated

2024-01-01

Description

Vault and Vault Enterprise did not properly handle requests originating from unauthorized IP addresses when the TCP listener option, proxy_protocol_behavior, was set to deny_unauthorized. When receiving a request from a source IP address that was not listed in proxy_protocol_authorized_addrs, the Vault API server would shut down and no longer respond to any HTTP requests, potentially resulting in denial of service. While this bug also affected versions of Vault up to 1.17.1 and 1.16.5, a separate regression in those release series did not allow Vault operators to configure the deny_unauthorized option, thus not allowing the conditions for the denial of service to occur. Fixed in Vault and Vault Enterprise 1.17.2, 1.16.6, and 1.15.12.

Tags · CWE

Pre-auth

CWE-703

Affected products

Vault 1.10.0–1.15.12Vault 1.16.0–1.16.6Vault 1.17.0–1.17.2

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Timeline

2024-01-01

Published

2024-01-01

Updated

CVSS 3.1 breakdown

Attack Vector

AV: N

Network (N)

Attack Complexity

AC: L

Low (L)

Privileges Required

PR: N

None (N)

User Interaction

UI: N

None (N)

Scope

S: U

Unchanged (U)

Confidentiality Impact

C: N

None (N)

Integrity Impact

I: N

None (N)

Availability Impact

A: H

High (H)

Exploit indicators

EPSS

0.004 · p60

Known exploited (KEV)

Known exploits — Сканер-ВС

No Сканер-ВС checks registered for this vulnerability yet.

Affected software

Product	Vendor	Status
		Tracked
		Tracked
vault		Tracked
vault	*	Tracked

Source databases

ANC

CVE

RED

Related vulnerabilities

BDU:2024-06667