0.001 Low
EPSS
Percentile
38.5%
vault is vulnerable to Improper Certificate Validation. The vulnerability exists due to insufficient validation of URI subject alternative names which allows an attacker to bypass the certificate subject verification.
access.redhat.com/security/cve/cve-2022-41316
discuss.hashicorp.com
discuss.hashicorp.com/t/hcsec-2022-24-vaults-tls-cert-auth-method-only-loaded-crl-after-first-request/45483
secdb.alpinelinux.org/v3.16/community.yaml
security.netapp.com/advisory/ntap-20221201-0001/