CVE-2024-7594
Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default
CVSS 3.1 base score: 7.5 (HIGH). EPSS: 0.60%.
Description
Vault's SSH secrets engine did not require the valid_principals list to contain a value by default. If a role has no default_user set and the signing request omits valid_principals, Vault signed a user certificate with an empty principal list. OpenSSH treats a user certificate with no principals as valid for every account, so a certificate obtained by any Vault client authorized to call the sign endpoint could be used to authenticate as any user on the host. The flaw is an authorization gap, not a cryptographic one: the certificate carries a correct signature from the trusted CA, which is exactly why the host accepts it. Note that sshd refuses principal-less certificates presented against TrustedUserCAKeys (see sshd_config(5)); the exposure is on hosts that trust the Vault CA through a cert-authority entry in authorized_keys with no principals= restriction, or through SSH servers that do not enforce a principal list. Fixed in Vault Community Edition 1.17.6, and in Vault Enterprise 1.17.6, 1.16.10, and 1.15.15.
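To see what the misconfiguration actually produces, the following added example (not code from HashiCorp, OpenSSH or this advisory) parses OpenSSH certificates in their authorized_keys text form, following the field layout in OpenSSH's PROTOCOL.certkeys, and flags the two things an auditor wants to know about a Vault-issued certificate: whether its principal list is empty, and whether any principal falls outside the set the role was supposed to allow. The two sample certificates are constructed in-process with dummy key material and an empty signature field, so they parse but would never verify against a real CA; the key_id values and the "deploy"/"ops" accounts are assumptions for the example.

```python
"""Parse OpenSSH certificates and flag the CVE-2024-7594 outcome: a user
certificate whose valid_principals list is empty. Added example, not Vault's
or OpenSSH's code; wire format per OpenSSH's PROTOCOL.certkeys. Sample
certificates are constructed with dummy keys and no signature (test data)."""
import base64
import struct
import time

CERT_TYPE_USER = 1
# Public-key fields between the nonce and the serial, per certificate type.
KEY_FIELDS = {
    b"ssh-ed25519-cert-v01@openssh.com": 1,  # pk
    b"ssh-rsa-cert-v01@openssh.com": 2,      # e, n
}

def _str(b: bytes) -> bytes:
    return struct.pack(">I", len(b)) + b

class _Reader:
    def __init__(self, buf: bytes):
        self.buf, self.pos = buf, 0

    def u32(self) -> int:
        (n,) = struct.unpack_from(">I", self.buf, self.pos)
        self.pos += 4
        return n

    def u64(self) -> int:
        (n,) = struct.unpack_from(">Q", self.buf, self.pos)
        self.pos += 8
        return n

    def string(self) -> bytes:
        n = self.u32()
        s = self.buf[self.pos:self.pos + n]
        if len(s) != n:
            raise ValueError("truncated string")
        self.pos += n
        return s

def build_user_cert(key_id: str, principals, ttl: int = 3600) -> str:
    """Constructed ssh-ed25519 user certificate in authorized_keys form."""
    now = int(time.time())
    body = (
        _str(b"ssh-ed25519-cert-v01@openssh.com")
        + _str(b"\x00" * 32)                          # nonce (dummy)
        + _str(b"\x11" * 32)                          # subject public key (dummy)
        + struct.pack(">QI", 1, CERT_TYPE_USER)       # serial, type
        + _str(key_id.encode())
        + _str(b"".join(_str(p.encode()) for p in principals))  # valid_principals
        + struct.pack(">QQ", now - 30, now + ttl)     # valid_after, valid_before
        + _str(b"") + _str(b"") + _str(b"")           # critical options, extensions, reserved
        + _str(_str(b"ssh-ed25519") + _str(b"\x22" * 32))  # CA key (dummy)
        + _str(b"")                                   # signature (none: test data)
    )
    return "ssh-ed25519-cert-v01@openssh.com " + base64.b64encode(body).decode()

def parse_cert(line: str) -> dict:
    """Extract the audit-relevant fields from one certificate line."""
    r = _Reader(base64.b64decode(line.split()[1]))
    cert_type = r.string()
    if cert_type not in KEY_FIELDS:
        raise ValueError(f"unsupported certificate type {cert_type!r}")
    r.string()                                        # nonce
    for _ in range(KEY_FIELDS[cert_type]):
        r.string()                                    # public key fields
    serial, ctype = r.u64(), r.u32()
    key_id = r.string().decode()
    pr = _Reader(r.string())                          # nested list of strings
    principals = []
    while pr.pos < len(pr.buf):
        principals.append(pr.string().decode())
    return {"type": "user" if ctype == CERT_TYPE_USER else "host",
            "serial": serial, "key_id": key_id, "principals": principals,
            "valid_after": r.u64(), "valid_before": r.u64()}

def audit_cert(line: str, allowed_principals) -> list:
    """Findings for one certificate. An empty principal list is what a pre-fix
    Vault role without default_user signed when the caller omitted
    valid_principals; OpenSSH treats such a user certificate as valid for any
    account unless sshd is configured to require a principal."""
    cert = parse_cert(line)
    findings = []
    if cert["type"] == "user" and not cert["principals"]:
        findings.append(f"{cert['key_id']}: no principals (valid for any user)")
    findings += [f"{cert['key_id']}: principal {p!r} not allowed"
                 for p in cert["principals"] if p not in allowed_principals]
    return findings

# Constructed inputs: the over-broad certificate versus one scoped to 'deploy'.
WEAK_CERT = build_user_cert("vault-token-accessor-1", [])
SCOPED_CERT = build_user_cert("vault-token-accessor-1", ["deploy"])

if __name__ == "__main__":
    for cert in (WEAK_CERT, SCOPED_CERT):
        print(parse_cert(cert)["principals"], audit_cert(cert, {"deploy", "ops"}))
```

Point `audit_cert` at the `signed_key` value returned by Vault's sign endpoint, or at the `*-cert.pub` files on a client, with the role's intended allowed_users as the allowed set; for a single file, `ssh-keygen -L -f cert.pub` prints the same principal list by hand. The "no principals" finding is the one to treat as a CVE-2024-7594 indicator.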
How to fix CVE-2024-7594
To remediate CVE-2024-7594, upgrade the affected package to a fixed version listed below. The advisory names Vault Community Edition 1.17.6 and Vault Enterprise 1.17.6, 1.16.10 and 1.15.15 as fixed; 1.16.10 and 1.15.15 are the patch releases for Enterprise installations that cannot move to the 1.17 line.
- upgrade to 1.17.6 or later
- upgrade to 1.17.6 or later
- upgrade to 1.17.6 or later
- no fix listed
Upgrading changes Vault's default behaviour: the fixed releases refuse to sign a certificate with no principals unless the role explicitly opts in through the allow_empty_principals role option. It does not repair existing role configuration or certificates already issued, so after the upgrade check the following:
- Every role under each SSH secrets engine mount has default_user set and allowed_users limited to the accounts the role is meant to reach. A role with allowed_users="*" and no default_user is the configuration this CVE describes.
- Clients pass valid_principals explicitly in every sign request instead of relying on the role default.
- Certificates already issued with an empty principal list remain valid until their valid_before time. With short TTLs that window closes on its own; otherwise rotate the CA key, or revoke the affected certificates on the hosts through sshd's RevokedKeys, and re-issue.
- Hosts trust the CA through TrustedUserCAKeys together with AuthorizedPrincipalsFile, so that sshd, not only Vault, limits which principals a certificate may carry; sshd does not accept principal-less certificates through TrustedUserCAKeys.
Is CVE-2024-7594 being exploited?
Low. EPSS is 0.6%. EPSS estimates the probability that a vulnerability is exploited in the wild within the next 30 days, so a score this low means exploitation has not been observed at scale, not that it cannot happen. Exploitation needs nothing more than a Vault token permitted to call the SSH sign endpoint, and the request looks like ordinary use; the distinguishing feature in Vault's audit log is a sign request whose request data carries no valid_principals field against a role that has no default_user.
Affected packages (4)
- >= 1.7.7, < 1.17.6
- >= 1.7.7, < 1.17.6
- >= 1.7.7, < 1.17.6
- >= 0.1.0
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 4.0 | — | CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
| osv | CVSS 3.1 | 7.5 (HIGH) | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |