CVE-2023-3774
Vault Enterprise Namespace Creation May Lead to Denial of Service
4.9
MEDIUM
CVSS 3.1
EPSS 0.52%
Description
An unhandled error in Vault Enterprise's namespace creation may cause the Vault process to crash, potentially resulting in denial of service. Fixed in 1.14.1, 1.13.5, and 1.12.9.
How to fix CVE-2023-3774
To remediate CVE-2023-3774, upgrade the affected package to a fixed version below.
- Bitnami/vault—upgrade to 1.12.9 or later
Is CVE-2023-3774 being exploited?
Low — EPSS is 0.5%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- >= 1.12.8, < 1.12.9, >= 1.13.4, < 1.13.5, >= 1.14.0, < 1.14.1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM4.9 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H |