CVE-2020-25816
Published
CVSS v3
6.8
MEDIUM
CVSS v2
4.9
MEDIUM
Affected
1
PROJECT
Description
HashiCorp Vault and Vault Enterprise versions 1.0 and newer allowed leases created with a batch token to outlive their TTL because expiration time was not scheduled correctly. Fixed in 1.4.7 and 1.5.4.
A tool for secrets management, encryption as a service, and privileged access management
GitHub