In Vault and Vault Enterprise versions 1.14.0 and newer a medium severity vulnerability CVE-2024-2660 was detected. This vulnerability affects how Vault checks for certificate status, potentially letting someone with network access use a fake certificate to get unauthorized access. The issue is resolved in Vault version 1.16.0 and Vault Enterprise versions 1.16.1, 1.15.7, and 1.14.11. For more information, visit https://avd.aquasec.com/nvd/2024/cve-2024-2660.
Read more Security