gsd-2023-0690
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
HashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the credentials being stored in plaintext on the Boundary PKI worker’s disk. This issue is fixed in version 0.12.0.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-0690",
"id": "GSD-2023-0690"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-0690"
],
"details": "HashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the credentials being stored in plaintext on the Boundary PKI worker\u2019s disk. This issue is fixed in version 0.12.0.",
"id": "GSD-2023-0690",
"modified": "2023-12-13T01:20:22.928693Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@hashicorp.com",
"ID": "CVE-2023-0690",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Boundary",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "0.10.0"
}
]
}
}
]
},
"vendor_name": "HashiCorp"
}
]
}
},
"configuration": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This requires running a Boundary worker using the PKI-based authenticated method and defining a Key Management System (KMS) for worker auth storage."
}
],
"value": "This requires running a Boundary worker using the PKI-based authenticated method and defining a Key Management System (KMS) for worker auth storage."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the credentials being stored in plaintext on the Boundary PKI worker\u2019s disk. This issue is fixed in version 0.12.0."
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-312",
"lang": "eng",
"value": "CWE-312 Cleartext Storage of Sensitive Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://discuss.hashicorp.com/t/hcsec-2023-03-boundary-workers-store-rotated-credentials-in-plaintext-even-when-key-management-service-configured/49907",
"refsource": "MISC",
"url": "https://discuss.hashicorp.com/t/hcsec-2023-03-boundary-workers-store-rotated-credentials-in-plaintext-even-when-key-management-service-configured/49907"
}
]
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to Boundary 0.12.0. After upgrading, users should do one of the following to remediate the issue:\u003cbr\u003e\u003cbr\u003e\u003cul\u003e\u003cli\u003eWait for next worker authentication rotation to occur, typically within one week, at which point the new credentials should be properly encrypted.\u003c/li\u003e\u003cli\u003eDelete the worker from the system and re-authorize it, forcing the worker to generate a new set of credentials immediately, which will be encrypted.\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "Upgrade to Boundary 0.12.0. After upgrading, users should do one of the following to remediate the issue:\n\n * Wait for next worker authentication rotation to occur, typically within one week, at which point the new credentials should be properly encrypted.\n * Delete the worker from the system and re-authorize it, forcing the worker to generate a new set of credentials immediately, which will be encrypted.\n\n\n"
}
],
"source": {
"advisory": "HCSEC-2023-03",
"discovery": "INTERNAL"
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003e=v0.10.0 \u003cv0.12.0",
"affected_versions": "All versions starting from 0.10.0 before 0.12.0",
"cvss_v3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-311",
"CWE-937"
],
"date": "2023-07-06",
"description": "HashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the credentials being stored in plaintext on the Boundary PKI worker\u2019s disk. This issue is fixed in version 0.12.0.",
"fixed_versions": [
"v0.12.0"
],
"identifier": "CVE-2023-0690",
"identifiers": [
"GHSA-9vrm-v9xv-x3xr",
"CVE-2023-0690"
],
"not_impacted": "All versions before 0.10.0, all versions starting from 0.12.0",
"package_slug": "go/github.com/hashicorp/boundary",
"pubdate": "2023-07-06",
"solution": "Upgrade to version 0.12.0 or above.",
"title": "Missing Encryption of Sensitive Data",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2023-0690",
"https://discuss.hashicorp.com/t/hcsec-2023-03-boundary-workers-store-rotated-credentials-in-plaintext-even-when-key-management-service-configured/49907",
"https://github.com/advisories/GHSA-9vrm-v9xv-x3xr"
],
"uuid": "f3c197fe-0956-4139-97fd-a565446a849c",
"versions": [
{
"commit": {
"sha": "ad9a47a7f937581edf4fd1edea3332d55d243a01",
"tags": [
"v0.10.0"
],
"timestamp": "20220809224030"
},
"number": "v0.10.0"
},
{
"commit": {
"sha": "034f27ec8528251ce23b5afbf3851c48b0c54bec",
"tags": [
"v0.12.0"
],
"timestamp": "20230208020600"
},
"number": "v0.12.0"
}
]
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:hashicorp:boundary:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.12.0",
"versionStartIncluding": "0.10.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@hashicorp.com",
"ID": "CVE-2023-0690"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "HashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the credentials being stored in plaintext on the Boundary PKI worker\u2019s disk. This issue is fixed in version 0.12.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-311"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://discuss.hashicorp.com/t/hcsec-2023-03-boundary-workers-store-rotated-credentials-in-plaintext-even-when-key-management-service-configured/49907",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.hashicorp.com/t/hcsec-2023-03-boundary-workers-store-rotated-credentials-in-plaintext-even-when-key-management-service-configured/49907"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
},
"lastModifiedDate": "2023-02-18T21:14Z",
"publishedDate": "2023-02-08T19:15Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…