
This is authz bypass, not authn, right? You're an unprivileged user and can assume privileged roles.


Yes and https://discuss.hashicorp.com/t/hcsec-2024-05-vault-cert-aut... was an earlier authN+authZ bypass in the same code block.

So maybe one step down in severity, though I do not know the details of what HCSEC-2024-05 was fixed with as that was after the fork point. OpenBao moved to full cert pinning (constant-time cert.Raw comparisons) when remediating that one, which meant we were not affected by this variant.
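To show the difference between matching a client certificate on its fields and pinning it to the exact trusted certificate with a constant-time comparison of the raw DER bytes (the remediation described in the comment above), here is an added example; it is not OpenBao's or Vault's code, and the function names and the self-signed test certificates are constructed for illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/subtle"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// newSelfSigned builds a throwaway self-signed certificate (constructed test
// data) with the given common name; a fresh key is generated on every call.
func newSelfSigned(cn string) *x509.Certificate {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: cn},
		NotBefore:    time.Now(),
		NotAfter:     time.Now().Add(time.Hour),
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key))
	return must(x509.ParseCertificate(der))
}

// matchBySubject is the weaker check: any cert carrying the same subject matches.
func matchBySubject(presented, trusted *x509.Certificate) bool {
	return presented.Subject.String() == trusted.Subject.String()
}

// matchByPinning accepts only a byte-identical DER encoding (cert.Raw), compared in constant time.
func matchByPinning(presented, trusted *x509.Certificate) bool {
	return subtle.ConstantTimeCompare(presented.Raw, trusted.Raw) == 1
}

func main() {
	trusted := newSelfSigned("admin-client")
	lookalike := newSelfSigned("admin-client") // same subject, different key
	fmt.Println(matchBySubject(lookalike, trusted), matchByPinning(lookalike, trusted)) // prints: true false
}
```

The lookalike certificate passes the subject-based check but fails pinning, because pinning ties trust to the exact bytes of the enrolled certificate rather than to any field a different cert could reproduce.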



