CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-7594: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default

7.5 CVSS

Description

Vault’s SSH secrets engine did not require the valid_principals list to contain a value by default. If the valid_principals and default_user fields of the SSH secrets engine configuration are not set, an SSH certificate requested by an authorized user to Vault’s SSH secrets engine could be used to authenticate as any user on the host. Fixed in Vault Community Edition 1.17.6, and in Vault Enterprise 1.17.6, 1.16.10, and 1.15.15.

Classification

CVE ID: CVE-2024-7594

CVSS Base Severity: HIGH

CVSS Base Score: 7.5

Affected Products

Vendor: HashiCorp

Product: Vault

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.47% (scored less or equal to compared to others)

EPSS Date: 2025-02-08 (when was this score calculated)

References

https://discuss.hashicorp.com/t/hcsec-2024-20-vault-ssh-secrets-engine-configuration-did-not-restrict-valid-principals-by-default/70251

Timeline

2025-01-11 00:30:56 UTC
CVE

Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default