CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-38553

HashiCorp Vault and Vault Enterprise 1.4.0 through 1.7.3 initialized an underlying database file associated with the Integrated Storage feature with excessively broad filesystem permissions. Fixed in Vault and Vault Enterprise 1.8.0.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 7.7%

CVSS Severity

CVSS v3 Score 4.4

CVSS v2 Score 2.1

References

Products affected by CVE-2021-38553

Hashicorp » Vault » Version: 1.4.0

cpe:2.3:a:hashicorp:vault:1.4.0
Hashicorp » Vault » Version: 1.4.1

cpe:2.3:a:hashicorp:vault:1.4.1
Hashicorp » Vault » Version: 1.4.2

cpe:2.3:a:hashicorp:vault:1.4.2
Hashicorp » Vault » Version: 1.4.3

cpe:2.3:a:hashicorp:vault:1.4.3
Hashicorp » Vault » Version: 1.4.4

cpe:2.3:a:hashicorp:vault:1.4.4
Hashicorp » Vault » Version: 1.4.5

cpe:2.3:a:hashicorp:vault:1.4.5
Hashicorp » Vault » Version: 1.4.5.1

cpe:2.3:a:hashicorp:vault:1.4.5.1
Hashicorp » Vault » Version: 1.4.6

cpe:2.3:a:hashicorp:vault:1.4.6
Hashicorp » Vault » Version: 1.4.7

cpe:2.3:a:hashicorp:vault:1.4.7
Hashicorp » Vault » Version: 1.5.0

cpe:2.3:a:hashicorp:vault:1.5.0
Hashicorp » Vault » Version: 1.5.1

cpe:2.3:a:hashicorp:vault:1.5.1
Hashicorp » Vault » Version: 1.5.2

cpe:2.3:a:hashicorp:vault:1.5.2
Hashicorp » Vault » Version: 1.5.2.1

cpe:2.3:a:hashicorp:vault:1.5.2.1
Hashicorp » Vault » Version: 1.5.3

cpe:2.3:a:hashicorp:vault:1.5.3
Hashicorp » Vault » Version: 1.5.4

cpe:2.3:a:hashicorp:vault:1.5.4
Hashicorp » Vault » Version: 1.5.5

cpe:2.3:a:hashicorp:vault:1.5.5
Hashicorp » Vault » Version: 1.5.6

cpe:2.3:a:hashicorp:vault:1.5.6
Hashicorp » Vault » Version: 1.5.7

cpe:2.3:a:hashicorp:vault:1.5.7
Hashicorp » Vault » Version: 1.5.8

cpe:2.3:a:hashicorp:vault:1.5.8
Hashicorp » Vault » Version: 1.5.9

cpe:2.3:a:hashicorp:vault:1.5.9
Hashicorp » Vault » Version: 1.6.0

cpe:2.3:a:hashicorp:vault:1.6.0
Hashicorp » Vault » Version: 1.6.1

cpe:2.3:a:hashicorp:vault:1.6.1
Hashicorp » Vault » Version: 1.6.2

cpe:2.3:a:hashicorp:vault:1.6.2
Hashicorp » Vault » Version: 1.6.3

cpe:2.3:a:hashicorp:vault:1.6.3
Hashicorp » Vault » Version: 1.6.4

cpe:2.3:a:hashicorp:vault:1.6.4
Hashicorp » Vault » Version: 1.6.5

cpe:2.3:a:hashicorp:vault:1.6.5
Hashicorp » Vault » Version: 1.7.0

cpe:2.3:a:hashicorp:vault:1.7.0
Hashicorp » Vault » Version: 1.7.1

cpe:2.3:a:hashicorp:vault:1.7.1
Hashicorp » Vault » Version: 1.7.10

cpe:2.3:a:hashicorp:vault:1.7.10
Hashicorp » Vault » Version: 1.7.2

cpe:2.3:a:hashicorp:vault:1.7.2
Hashicorp » Vault » Version: 1.7.3

cpe:2.3:a:hashicorp:vault:1.7.3
Hashicorp » Vault » Version: 1.7.4

cpe:2.3:a:hashicorp:vault:1.7.4
Hashicorp » Vault » Version: 1.7.5

cpe:2.3:a:hashicorp:vault:1.7.5
Hashicorp » Vault » Version: 1.7.6

cpe:2.3:a:hashicorp:vault:1.7.6
Hashicorp » Vault » Version: 1.7.7

cpe:2.3:a:hashicorp:vault:1.7.7
Hashicorp » Vault » Version: 1.7.8

cpe:2.3:a:hashicorp:vault:1.7.8
Hashicorp » Vault » Version: 1.7.9

cpe:2.3:a:hashicorp:vault:1.7.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-38553

Products

Pricing

Contact Us