Vulnerability Description
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, OpenBao allowed the assignment of policies and MFA attribution based upon entity aliases, chosen by the underlying auth method. When the username_as_alias=true parameter in the LDAP auth method was in use, the caller-supplied username was used verbatim without normalization, allowing an attacker to bypass alias-specific MFA requirements. This issue was fixed in version 2.3.2. To work around this, remove all usage of the username_as_alias=true parameter and update any entity aliases accordingly.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Openbao | Openbao | < 2.3.2 |
Related Weaknesses (CWE)
References
- https://discuss.hashicorp.com/t/hcsec-2025-20-vault-ldap-mfa-enforcement-bypass-Not Applicable
- https://github.com/openbao/openbao/commit/c52795c1ef746c7f2c510f9225aa8ccbbd44f9Patch
- https://github.com/openbao/openbao/security/advisories/GHSA-2q8q-8fgw-9p6pVendor Advisory
FAQ
What is CVE-2025-55001?
CVE-2025-55001 is a vulnerability with a CVSS score of 6.5 (MEDIUM). OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, OpenBao allowed the assignment of ...
How severe is CVE-2025-55001?
CVE-2025-55001 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-55001?
Check the references section above for vendor advisories and patch information. Affected products include: Openbao Openbao.