CVE-2023-3462
Vault's LDAP Auth Method Allows for User Enumeration
5.3
MEDIUM
CVSS 3.1
EPSS 0.97%
Description
HashiCorp's Vault and Vault Enterprise are vulnerable to user enumeration when using the LDAP auth method. An attacker may submit login requests for existing and non-existent LDAP users and observe Vault's responses to determine whether an account is valid on the LDAP server. This vulnerability is fixed in Vault 1.14.1 and 1.13.5.
How to fix CVE-2023-3462
To remediate CVE-2023-3462, upgrade the affected packages to the fixed versions listed below.
- Upgrade to 1.13.5 or later
- Upgrade to 1.13.5 or later
- Upgrade to 1.13.5 or later
Is CVE-2023-3462 being exploited?
Low — EPSS is 1.0%, meaning exploitation activity has not been observed at scale.
Affected packages (3)
- >= 1.13.0, < 1.13.5, >= 1.14.0, < 1.14.1
- from 0, < 1.13.5
- from 0, < 1.13.5, >= 1.14.0, < 1.14.1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM 5.3 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |