AVG-1369 log

Package vault
Status Not affected
Severity Medium
Type privilege escalation
Affected 1.5.4-1
Fixed Not affected
Current 1.16.1-1 [extra]
Ticket None
Created Thu Dec 17 14:51:48 2020
Issue Severity Remote Type Description
CVE-2020-35453 Medium No Privilege escalation
HashiCorp Vault Enterprise's Sentinel EGP policy feature incorrectly allowed requests to be processed in parent and sibling namespaces. Fixed in 1.5.6 and 1.6.1.