Skip to main content
CVE-2023-2197 LOW Monitor

HashiCorp Vault Enterprise 1.13.0 up to 1.13.1 is vulnerable to a padding oracle attack when using an HSM in conjunction with the CKM_AES_CBC_PAD or CKM_AES_CBC encryption mechanisms. Rated low severity (CVSS 2.5). No vendor patch available.

Oracle Information Disclosure Hashicorp Vault
NVD
CVSS 3.1
2.5
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy