Vulnerability Description
HashiCorp Vault and Vault Enterprise versions 0.8.0 through 1.13.1 are vulnerable to an SQL injection attack when configuring the Microsoft SQL (MSSQL) Database Storage Backend. When configuring the MSSQL plugin through the local, certain parameters are not sanitized when passed to the user-provided MSSQL database. An attacker may modify these parameters to execute a malicious SQL command. This issue is fixed in versions 1.13.1, 1.12.5, and 1.11.9.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hashicorp | Vault | < 1.11.9 |
Related Weaknesses (CWE)
References
- https://discuss.hashicorp.com/t/hcsec-2023-12-vault-s-microsoft-sql-database-stoIssue TrackingPatchVendor Advisory
- https://security.netapp.com/advisory/ntap-20230526-0008/
- https://discuss.hashicorp.com/t/hcsec-2023-12-vault-s-microsoft-sql-database-stoIssue TrackingPatchVendor Advisory
- https://security.netapp.com/advisory/ntap-20230526-0008/
FAQ
What is CVE-2023-0620?
CVE-2023-0620 is a vulnerability with a CVSS score of 6.5 (MEDIUM). HashiCorp Vault and Vault Enterprise versions 0.8.0 through 1.13.1 are vulnerable to an SQL injection attack when configuring the Microsoft SQL (MSSQL) Database Storage Backend. When configuring the M...
How severe is CVE-2023-0620?
CVE-2023-0620 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-0620?
Check the references section above for vendor advisories and patch information. Affected products include: Hashicorp Vault.