Lucene search
MitreCVELIST:CVE-2021-42135HistoryOct 11, 2021 - 2:52 a.m.
CVE-2021-42135
2021-10-1102:52:59
mitre
www.cve.org
1
HashiCorp Vault and Vault Enterprise 1.8.x through 1.8.4 may have an unexpected interaction between glob-related policies and the Google Cloud secrets engine. Users may, in some situations, have more privileges than intended, e.g., a user with read permission for the /gcp/roleset/* path may be able to issue Google Cloud service account credentials.
Related
osv
osv
Incorrect Privilege Assignment in HashiCorp Vault
2021-10-12 18:41:16
CVE-2021-42135
2021-10-11 03:15:06
BIT-vault-2021-42135
2024-03-06 11:10:28
redhatcve
redhatcve
CVE-2021-42135
2023-02-16 07:59:15
github
github
Incorrect Privilege Assignment in HashiCorp Vault
2021-10-12 18:41:16
prion
prion
Design/Logic Flaw
2021-10-11 03:15:00
nvd
nvd
CVE-2021-42135
2021-10-11 03:15:06
cve
cve
CVE-2021-42135
2021-10-11 03:15:06