CVE-2025-6015 - CERT CVE
ID CVE-2025-6015
Sažetak Vault and Vault Enterprise’s (“Vault”) login MFA rate limits could be bypassed and TOTP tokens could be reused. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.
Reference
CVSS
Base: 5.7
Impact: 3.6
Exploitability:2.1
Pristup
VektorSloženostAutentikacija
NETWORK LOW LOW
Impact
PovjerljivostCjelovitostDostupnost
HIGH NONE NONE
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Zadnje važnije ažuriranje 01-08-2025 - 18:15
Objavljeno 01-08-2025 - 18:15