CVE-2023-2197

low-risk
Published 2023-05-01

HashiCorp Vault Enterprise 1.13.0 up to 1.13.1 is vulnerable to a padding oracle attack when using an HSM in conjunction with the CKM_AES_CBC_PAD or CKM_AES_CBC encryption mechanisms. An attacker with privileges to modify storage and restart Vault may be able to intercept or modify cipher text in order to derive Vault’s root key. Fixed in 1.13.2

Do I need to act?

-
0.02% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
2
CVSS 2.5/10 Low
LOCAL / HIGH complexity

Affected Products (1)

Affected Vendors

Hashicorp

References (4)

Mitigation https://discuss.hashicorp.com/t/hcsec-2023-14-vault-enterprise-vulnerable-to-pad...
https://security.netapp.com/advisory/ntap-20230609-0007/
Mitigation https://discuss.hashicorp.com/t/hcsec-2023-14-vault-enterprise-vulnerable-to-pad...
https://security.netapp.com/advisory/ntap-20230609-0007/
11
/ 100
low-risk
Severity 6/34 · Minimal
Exploitability 0/34 · Minimal
Exposure 5/34 · Minimal