CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Hashicorp: >> Vault >> 1.7.0 Security Vulnerabilities

CVE-2021-27400

HashiCorp Vault and Vault Enterprise Cassandra integrations (storage backend and database secrets engine plugin) did not validate TLS certificates when connecting to Cassandra clusters. Fixed in 1.6.4 and 1.7.1

CVSS Score

7.5

EPSS Score

0.002

Published

2021-04-22

CVE-2021-29653

HashiCorp Vault and Vault Enterprise 1.5.1 and newer, under certain circumstances, may exclude revoked but unexpired certificates from the CRL. Fixed in 1.5.8, 1.6.4, and 1.7.1.

CVSS Score

7.5

EPSS Score

0.001

Published

2021-04-22

Page 4

Vulnerabilities

Vulnerable Software

Hashicorp: >> Vault >> 1.7.0 Security Vulnerabilities

Products

Pricing

Contact Us