Proxy Environment Variable Leakage in HashiCorp Vault and Vault Enterprise (Fixed in 1.3.6 and 1.4.2)

Proxy Environment Variable Leakage in HashiCorp Vault and Vault Enterprise (Fixed in 1.3.6 and 1.4.2)

CVE-2020-13223 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

HashiCorp Vault and Vault Enterprise logged proxy environment variables that potentially included sensitive credentials. Fixed in 1.3.6 and 1.4.2.

Learn more about our Web Application Penetration Testing UK.