CVE-2023-3774

Summary

An unhandled error in Vault Enterprise's namespace creation may cause the Vault process to crash, potentially resulting in denial of service. Fixed in 1.14.1, 1.13.5, and 1.12.9.

Affected Software

VendorProductVersion RangeStatus
HashiCorpVault Enterprise1.14.0affected
HashiCorpVault Enterprise1.13.4affected
HashiCorpVault Enterprise1.12.8affected

Weaknesses

  • CWE-248: CWE-248: Uncaught Exception

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References