Back to bug 1995207

Who When What Removed Added
Pedro Sampaio 2021-08-18 16:10:20 UTC Blocks 1995210
Red Hat Bugzilla 2021-10-15 11:52:10 UTC CC kconner
Anten Skrabec 2021-10-28 18:13:50 UTC Status NEW CLOSED
Resolution --- NOTABUG
Last Closed 2021-10-28 18:13:50 UTC
Avinash Hanwate 2023-02-13 12:11:32 UTC CC amctagga, etamir, hchiramm, jcantril, jrivera, madam, muagarwa, nbecker, ocs-bugs, periklis, sostapov, tnielsen
Avinash Hanwate 2023-02-13 12:12:43 UTC Resolution NOTABUG ---
Status CLOSED NEW
Keywords Reopened
Avinash Hanwate 2023-02-13 12:38:28 UTC Fixed In Version vault 1.8.0
Doc Text A flaw was found in the vault package. The Vault UI web application failed to completely clear a client-side data cache on user logout. As a result, an authenticated user sharing a browser to access Vault may have been able to view the previous authenticated user’s cached secrets, even if they were not authorized by Vault policies to view them.
Avinash Hanwate 2023-02-13 12:41:43 UTC Depends On 2169360
Paige Jung 2023-02-13 16:22:07 UTC Doc Text A flaw was found in the vault package. The Vault UI web application failed to completely clear a client-side data cache on user logout. As a result, an authenticated user sharing a browser to access Vault may have been able to view the previous authenticated user’s cached secrets, even if they were not authorized by Vault policies to view them. A flaw was found in the vault package. The Vault UI web application may fail to completely clear a client-side data cache on user logout. As a result, an authenticated user sharing a browser to access Vault may have been able to view the previous authenticated user’s cached secrets, even if they were not authorized by Vault policies to view them.
Red Hat Bugzilla 2023-07-07 08:29:23 UTC Assignee security-response-team nobody
Red Hat Bugzilla 2023-08-03 08:29:15 UTC CC ocs-bugs

Back to bug 1995207