CVERadar

CVE-2024-7594

Severity: Medium
SVRS: 30/100
CVSSv3: NA/10
EPSS: 0.00059/1

CVE-2024-7594 is a vulnerability in HashiCorp Vault's SSH secrets engine that could allow authentication as unintended users. Without proper configuration of the valid_principals and default_user fields, a certificate requested from Vault could be used to authenticate as any user on the host. This privilege escalation vulnerability is addressed in Vault Community Edition 1.17.6 and Vault Enterprise versions 1.17.6, 1.16.10, and 1.15.15. The SOCRadar Vulnerability Risk Score (SVRS) for CVE-2024-7594 is 30, indicating a moderate risk. While it is not immediately critical (an SVRS above 80 would be), the issue warrants attention and patching to prevent unauthorized access. Failure to update could lead to significant security breaches and compromise of sensitive data. This CVE is significant because it circumvents intended access controls within a widely used secrets management system.

In The Wild
2024-09-26

2025-01-10

SOCRadar AI Insight

Description:

CVE-2024-7594 is a vulnerability in Vault's SSH secrets engine that allows an authorized user to authenticate as any user on the host. The cause is that, by default, the valid_principals list is not required to contain a value.

Key Insights:

  • The SVRS of 30 indicates that this vulnerability is of moderate severity and requires attention.
  • The vulnerability is actively exploited in the wild, making it a high priority for remediation.
  • The Cybersecurity and Infrastructure Security Agency (CISA) has warned of the vulnerability, calling for immediate and necessary measures.

Mitigation Strategies:

  • Update Vault to version 1.17.6 or later.
  • Configure the valid_principals list so that it is not empty.
  • Set the default_user field to a specific user.
  • Monitor for suspicious activity and take appropriate action if necessary.


Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

CVE-2024-7594 | HashiCorp Vault/Vault Enterprise up to 1.15.14/1.16.9/1.17.5 Engine Configuration valid_principals/default_user permission assignment (Nessus ID 210390)
vuldb.com, 2024-11-07
A vulnerability, which was classified as critical, was found in HashiCorp Vault and Vault Enterprise up to 1.15.14/1.16.9/1.17.5. This affects an unknown part of the component Engine Configuration Handler. The manipulation of the argument valid_principals/default_user leads to incorrect permission assignment. This vulnerability is uniquely identified as

CVE-2024-7594 | HashiCorp Vault/Vault Enterprise up to 1.15.14/1.16.9/1.17.5 Engine Configuration valid_principals/default_user permission assignment
vuldb.com, 2024-09-26
A vulnerability, which was classified as critical, was found in HashiCorp Vault and Vault Enterprise up to 1.15.14/1.16.9/1.17.5. This affects an unknown part of the component Engine Configuration Handler. The manipulation of the argument valid_principals/default_user leads to incorrect permission assignment. This vulnerability is uniquely identified as

Social Media

  • The latest update for #CyCognito includes "Five Questions Your #EASM Vendor Doesn't Want You to Ask" and "Emerging Security Issue: HashiCorp Vault SSH CVE-2024-7594". #cybersecurity #AttackSurfaceManagement https://t.co/s4AWW7P9rO
  • The latest update for #CyCognito includes "Emerging Security Issue: HashiCorp Vault SSH CVE-2024-7594" and "Emerging Security Issue: SolarWinds Web Help Desk CVE-2024-28987". #cybersecurity #AttackSurfaceManagement #EASM https://t.co/s4AWW7P9rO
  • HashiCorp Vault Flaw: Unrestricted SSH Access Threatens System Security. Important security alert: Discover the CVE-2024-7594 flaw in HashiCorp #Vault that could grant attackers unrestricted #SSH access https://t.co/s2aWbSdAVa

Affected Software

No affected software found for this CVE

References

  • https://discuss.hashicorp.com/t/hcsec-2024-20-vault-ssh-secrets-engine-configuration-did-not-restrict-valid-principals-by-default/70251
  • https://security.netapp.com/advisory/ntap-20250110-0007/

CWE Details

CWE-732: Incorrect Permission Assignment for Critical Resource. The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
