CVE-2020-10660
Published
CVSS v3
5.3
MEDIUM
CVSS v2
4.3
MEDIUM
Affected
1
PROJECT
Description
HashiCorp Vault and Vault Enterprise versions 0.9.0 through 1.3.3 may, under certain circumstances, have an Entity's Group membership inadvertently include Groups the Entity no longer has permissions to. Fixed in 1.3.4.
A tool for secrets management, encryption as a service, and privileged access management
GitHub