Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Requires non-default header pass-through config plus attacker-controlled plugin backend (AC:H) and a valid in-flight token (PR:L); primary impact is token disclosure (C:H) with downstream replay (I:L), no availability impact.
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
13DescriptionNVD
If a Vault auth mount is configured to pass through the "Authorization" header, and the "Authorization" header is used to authenticate to Vault, Vault forwarded the Vault token to the auth plugin backend. Fixed in 2.0.0, 1.21.5, 1.20.10, and 1.19.16.
AnalysisAI
Token leakage in HashiCorp Vault and Vault Enterprise (0.11.2 up to 2.0.0, 1.21.5, 1.20.10, and 1.19.16) occurs when an auth mount is configured to pass through the 'Authorization' header and that same header is used to authenticate to Vault; in this case Vault forwards the caller's Vault token onward to the auth plugin backend. An authenticated client's token is thereby exposed to a plugin backend that should never see it, enabling potential impersonation and unauthorized secret access. No public exploit identified at time of analysis, and EPSS exploitation probability is negligible (0.01%, 3rd percentile).
Vault and Vault Enterprise (“Vault”) may expose sensitive information when enabling an audit device which specifies the
Vault and Vault Enterprise (“Vault”) TLS certificate auth method did not correctly validate client certificates when con
The official vault docker images before 0.11.6 contain a blank password for a root user. Rated critical severity (CVSS 9
HashiCorp Vault and Vault Enterprise 1.4.0 and 1.4.1, when configured with the GCP Secrets Engine, may incorrectly gener
An issue was discovered in HashiCorp Vault and Vault Enterprise before 1.11.3. Rated critical severity (CVSS 9.1), this
HashiCorp Vault Enterprise 1.7.0 through 1.9.7, 1.10.4, and 1.11.0 clusters using Integrated Storage expose an unauthent
HashiCorp Vault and Vault Enterprise versions 0.11.0 through 1.3.3 may, under certain circumstances, have existing neste
Vault’s SSH secrets engine did not require the valid_principals list to contain a value by default. Rated high severity
HashiCorp Vault and Vault Enterprise versions 0.8.3 and newer, when configured with the GCP GCE auth method, may be vuln
HashiCorp Vault and Vault Enterprise versions 0.7.1 and newer, when configured with the AWS IAM auth method, may be vuln
HashiCorp Vault's KVv2 secrets engine allows authenticated users with glob-based policy access to delete secrets outside
HashiCorp Vault and Vault Enterprise’s approle auth method allowed any authenticated user with access to an approle dest
Same technique Information Disclosure
View allVendor StatusVendor
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-23345
GHSA-72gw-fmmr-c4r4