2241306 – (CVE-2023-3775) CVE-2023-3775 hashicorp/vault: vault enterprise’s sentinel RGP policies allowed for cross-namespace denial of service

Bug 2241306 (CVE-2023-3775) - CVE-2023-3775 hashicorp/vault: vault enterprise’s sentinel RGP policies allowed for cross-namespace denial of service

Summary: CVE-2023-3775 hashicorp/vault: vault enterprise’s sentinel RGP policies allow...

Keywords:
Status:	NEW
Alias:	CVE-2023-3775
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2241310 2241311 2241312 2241313 2241314 2241315 2241316 2241317 2241318 2241319 2241320
Blocks:	2241308
TreeView+	depends on / blocked

Reported:	2023-09-29 09:33 UTC by TEJ RATHI
Modified:	2025-05-06 08:28 UTC (History)
CC List:	25 users (show)
Fixed In Version:	Vault Enterprise 1.15.0, 1.14.4, and 1.13.8
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2024:3718	0	None	None	None	2024-10-01 17:30:22 UTC

Description TEJ RATHI 2023-09-29 09:33:29 UTC

A Vault Enterprise Sentinel Role Governing Policy created by an operator to restrict access to resources in one namespace can be applied to requests outside in another non-descendant namespace, potentially resulting in denial of service. Fixed in Vault Enterprise 1.15.0, 1.14.4, 1.13.8.

https://discuss.hashicorp.com/t/hcsec-2023-29-vault-enterprise-s-sentinel-rgp-policies-allowed-for-cross-namespace-denial-of-service/58653

Comment 3 Michael Adam 2023-10-02 13:06:31 UTC

(In reply to TEJ RATHI from comment #0)
> A Vault Enterprise Sentinel Role Governing Policy created by an operator to
> restrict access to resources in one namespace can be applied to requests
> outside in another non-descendant namespace, potentially resulting in denial
> of service. Fixed in Vault Enterprise 1.15.0, 1.14.4, 1.13.8.


Does  this suggest that updating  projects' vault dependencies to one of these versions would fix the issue?

Comment 6 errata-xmlrpc 2024-10-01 17:30:18 UTC

This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.17

Via RHSA-2024:3718 https://access.redhat.com/errata/RHSA-2024:3718

Note You need to log in before you can comment on or make changes to this bug.

amctagga
aoconnor
bniver
dfreiber
dsimansk
flucifre
gmeno
jburrell
jkoehler
lball
madam
matzew
mbenjamin
mhackett
mrajanna
muagarwa
nbecker
odf-bz-bot
rhuss
rogbas
shbose
sostapov
tnielsen
vereddy
vkumar