
cpe:2.3:a:hashicorp:vault:1.20.0:*:*:*:enterprise:*:*:*

part: a version: 1.20.0 update: *

Vendor: Hashicorp (dc524c16-6a01-528e-a41c-9d3e02e5e4a3)
Product: Vault (4dadab3d-054a-5498-9618-09dfc641ef81)
Edition: *
Language: *
Software edition: enterprise
Target software: *
Target hardware: *
Other: *
Notes: Imported from NVD CPE 2.0 feed

PURL mappings

PURL | Source | Last updated
pkg:github/hashicorp/vault/ | purl2cpe | 2026-06-01 10:14:57.367061

Vulnerability references

Identifier | cpeApplicability | Submitted | db.gcve.eu details / Rationale
CVE:CVE-2025-6037 | vulnerable | 2026-06-03 15:12:26.505066 | Vault Certificate Auth Method Did Not Validate Common Name For Non-CA Certificates
MEDIUM (6.8)
Vault and Vault Enterprise (“Vault”) TLS certificate auth method did not correctly validate client certificates when configured with a non-CA certificate as trusted certificate (https://developer.hashicorp.com/vault/api-docs/auth/cert#certificate). In this configuration, an attacker may be able to craft a malicious certificate that could be used to impersonate another user. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.
Published: 2025-08-01T17:52:48.778Z
Updated: 2026-02-26T17:50:09.821Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-6015 | vulnerable | 2026-06-03 15:12:26.314378 | Vault Login MFA Bypass of Rate Limiting and TOTP Code Reuse
MEDIUM (5.7)
Vault and Vault Enterprise’s (“Vault”) login MFA rate limits could be bypassed and TOTP tokens could be reused. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.
Published: 2025-08-01T18:03:53.214Z
Updated: 2025-08-01T18:35:17.893Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-6014 | vulnerable | 2026-06-03 15:12:26.313509 | Vault TOTP Secrets Engine Code Reuse
MEDIUM (6.5)
Vault and Vault Enterprise’s (“Vault”) TOTP Secrets Engine code validation endpoint is susceptible to code reuse within its validity period. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.
Published: 2025-08-01T17:50:09.308Z
Updated: 2025-08-01T18:05:37.553Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-6011 | vulnerable | 2026-06-03 15:12:26.306108 | Timing Side-Channel in Vault’s Userpass Auth Method
LOW (3.7)
A timing side channel in Vault and Vault Enterprise’s (“Vault”) userpass auth method allowed an attacker to distinguish between existing and non-existing users, and potentially enumerate valid usernames for Vault’s Userpass auth method. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.
Published: 2025-08-01T18:00:24.528Z
Updated: 2025-08-01T19:06:58.251Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-6004 | vulnerable | 2026-06-03 15:12:26.296844 | Vault Userpass and LDAP User Lockout Bypass
MEDIUM (5.3)
Vault and Vault Enterprise’s (“Vault”) user lockout feature could be bypassed for Userpass and LDAP authentication methods. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.
Published: 2025-08-01T17:56:00.780Z
Updated: 2025-08-01T19:11:52.729Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-6000 | vulnerable | 2026-06-03 15:12:26.273372 | Arbitrary Remote Code Execution via Plugin Catalog Abuse
CRITICAL (9.1)
A privileged Vault operator within the root namespace with write permission to sys/audit may obtain code execution on the underlying host if a plugin directory is set in Vault’s configuration. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.
Published: 2025-08-01T17:40:48.524Z
Updated: 2025-08-01T18:12:02.883Z
Reference links
Imported from gcve-enriched-dumps CVE data
