CVE-2025-6037
BaseFortify
Publication date: 2025-08-01
Last updated on: 2025-08-13
Assigner: HashiCorp Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| hashicorp | vault | to 1.16.23 (exc) |
| hashicorp | vault | to 1.20.1 (exc) |
| hashicorp | vault | From 1.17.0 (inc) to 1.18.12 (exc) |
| hashicorp | vault | From 1.19.0 (inc) to 1.19.7 (exc) |
| hashicorp | vault | 1.20.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-295 | The product does not validate, or incorrectly validates, a certificate. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in Vault's TLS certificate authentication method when it is configured with a non-CA (Certificate Authority) certificate as a trusted certificate. In this scenario, Vault does not correctly validate client certificates, which allows an attacker to craft a malicious certificate that could impersonate another user.
How can this vulnerability impact me? :
The vulnerability can allow an attacker to impersonate another user by using a maliciously crafted certificate. This could lead to unauthorized access, data breaches, and potentially full compromise of the Vault system, affecting confidentiality, integrity, and availability of sensitive information.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, upgrade Vault to one of the fixed versions: Vault Community Edition 1.20.1 or Vault Enterprise versions 1.20.1, 1.19.7, 1.18.12, or 1.16.23. Additionally, review your TLS certificate auth method configuration to ensure it does not use a non-CA certificate as a trusted certificate.