Moderate severityNVD Advisory· Published Apr 4, 2024· Updated Sep 26, 2024
Vault TLS Cert Auth Method Did Not Correctly Validate OCSP Responses
CVE-2024-2660
Description
Vault and Vault Enterprise TLS certificates auth method did not correctly validate OCSP responses when one or more OCSP sources were configured. This vulnerability, CVE-2024-2660, affects Vault and Vault Enterprise 1.14.0 and above, and is fixed in Vault 1.16.0 and Vault Enterprise 1.16.1, 1.15.7, and 1.14.11.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/hashicorp/vaultGo | < 1.16.0 | 1.16.0 |
Affected products
16- osv-coords14 versionspkg:apk/chainguard/k3dpkg:apk/chainguard/k3d-proxypkg:apk/chainguard/k3d-toolspkg:apk/chainguard/vault-1.16pkg:apk/chainguard/vault-1.16-compatpkg:apk/chainguard/vault-fips-1.14pkg:apk/chainguard/vault-fips-1.16pkg:apk/chainguard/vault-fips-1.16-compatpkg:apk/wolfi/k3dpkg:apk/wolfi/k3d-proxypkg:apk/wolfi/k3d-toolspkg:bitnami/vaultpkg:golang/github.com/hashicorp/vaultpkg:rpm/opensuse/sops&distro=openSUSE%20Tumbleweed
< 5.6.0-r11+ 13 more
- (no CPE)range: < 5.6.0-r11
- (no CPE)range: < 5.6.0-r11
- (no CPE)range: < 5.6.0-r11
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 1.14.11-r0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 5.6.0-r11
- (no CPE)range: < 5.6.0-r11
- (no CPE)range: < 5.6.0-r11
- (no CPE)range: >= 1.14.0, < 1.16.0
- (no CPE)range: < 1.16.0
- (no CPE)range: < 3.9.0-1.1
- Range: 1.14.0
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.