AVG-1519 log
Package | vault |
Status | Not affected |
Severity | Medium |
Type | authentication bypass |
Affected | 1.5.4-1 |
Fixed | Not affected |
Current | 1.18.2-1 [extra] |
Ticket | None |
Created | Mon Feb 1 18:27:15 2021 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2021-3282 | Medium | Yes | Authentication bypass | HashiCorp Vault Enterprise 1.6.0 and 1.6.1 allowed the `remove-peer` raft operator command to be executed against DR secondaries without authentication.... |