vulnerability

FreeBSD: VID-CC1FD3DA-B8FD-4F4D-A092-C38541C0F993 (CVE-2020-35177): vault -- User Enumeration via LDAP auth

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
Dec 16, 2020
Added
Dec 18, 2020
Modified
Mar 8, 2021

Description

HashiCorp Vault and Vault Enterprise 1.4.1 and newer allowed the enumeration of users via the LDAP auth method. Fixed in 1.5.6 and 1.6.1.

Solution

freebsd-upgrade-package-vault
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.