CVE-2021-38553 log

Source
Severity Low
Remote No
Type Denial of service
Description
HashiCorp Vault 1.4.0 through 1.7.3 initialized an underlying database file associated with the Integrated Storage feature with excessively broad filesystem permissions.
Group Package Affected Fixed Severity Status Ticket
AVG-2294 vault 1.7.3-1 Medium Vulnerable
References
https://discuss.hashicorp.com/t/hcsec-2021-20-vault-s-integrated-storage-backend-database-file-may-have-excessively-broad-permissions/28168