AVG-1368 log

Package vault
Status Vulnerable
Severity Medium
Type information disclosure
Affected 1.5.4-1
Fixed Unknown
Current 1.5.4-1 [community]
Ticket FS#69015
Created Thu Dec 17 14:48:44 2020
Issue Severity Remote Type Description
CVE-2020-35177 Medium Yes Information disclosure
HashiCorp Vault and Vault Enterprise allowed the enumeration of users via the LDAP auth method. Fixed in 1.5.6 and 1.6.1.