CVE-2025-5999
BaseFortify
Publication date: 2025-08-01
Last updated on: 2025-08-13
Assigner: HashiCorp Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| hashicorp | vault | From 0.10.4 (inc) to 1.16.22 (exc) |
| hashicorp | vault | From 0.10.4 (inc) to 1.20.0 (exc) |
| hashicorp | vault | From 1.17.0 (inc) to 1.18.11 (exc) |
| hashicorp | vault | From 1.19.0 (inc) to 1.19.6 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-266 | A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability allows a privileged Vault operator who has write permissions to the root namespace's identity endpoint to escalate their own or another user's token privileges to Vault's root policy, effectively granting them full administrative access.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized privilege escalation, allowing an attacker or malicious insider to gain root-level access to Vault. This can result in full control over secrets and sensitive data managed by Vault, potentially leading to data breaches, unauthorized access, and disruption of services.
What immediate steps should I take to mitigate this vulnerability?
Upgrade to Vault Community Edition 1.20.0 or later, or Vault Enterprise versions 1.20.0, 1.19.6, 1.18.11, or 1.16.22 and later to apply the fix for this vulnerability.