logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2024-0831

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2024-0831

Description:
Vault and Vault Enterprise (“Vault”) may expose sensitive information when enabling an audit device which specifies the `log_raw` option, which may log sensitive information to other audit devices, regardless of whether they are configured to use `log_raw`.
Last updated date:
02/23/2024
Type:
exploit
Confidence:
HIGH
Date of publishing:
02/09/2024
Reference url to background

https://developer.hashicorp.com/vault/docs/upgrading/upgrade-to-1.15.x#audit-devices-could-log-raw-data-despite-configuration

Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy