CVE-2025-4656

Vault Community and Vault Enterprise rekey and recovery key operations can lead to a denial of service due to uncontrolled cancellation by a Vault operator. This vulnerability (CVE-2025-4656) has been remediated in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11, 1.17.17, and 1.16.22.

CVSS v3 3.1 LOW

3.1^/10

CVSS v3 : LOW

Vector :

Exploitability : 1.6 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://discuss.hashicorp.com/t/hcsec-2025-11-vault-vulnerable-to-recovery-key-cancellation-denial-of-service/75570	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:hashicorp:vault:::::enterprise:::*
	cpe:2.3:a:hashicorp:vault:::::-:::*
	cpe:2.3:a:hashicorp:vault:::::enterprise:::*
	cpe:2.3:a:hashicorp:vault:::::enterprise:::*
	cpe:2.3:a:hashicorp:vault:::::enterprise:::*

History

No history.

Information

Published : 2025-06-25 17:15

Updated : 2025-08-13 18:02

NVD link : CVE-2025-4656

Mitre link : CVE-2025-4656

CVE.ORG link : CVE-2025-4656

JSON object : View

Products Affected

hashicorp

vault

CWE

CWE-1088

Synchronous Access of Remote Resource without Timeout

{"id": "CVE-2025-4656", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.1, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 1.6}]}, "published": "2025-06-25T17:15:38.440", "references": [{"url": "https://discuss.hashicorp.com/t/hcsec-2025-11-vault-vulnerable-to-recovery-key-cancellation-denial-of-service/75570", "tags": ["Vendor Advisory"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-1088"}]}], "descriptions": [{"lang": "en", "value": "Vault Community and Vault Enterprise rekey and recovery key operations can lead to a denial of service due to uncontrolled cancellation by a Vault operator. This vulnerability (CVE-2025-4656) has been remediated in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11, 1.17.17, and 1.16.22."}, {"lang": "es", "value": "Las operaciones de regeneraci\u00f3n y recuperaci\u00f3n de claves en Vault Community y Vault Enterprise pueden provocar una denegaci\u00f3n de servicio debido a una cancelaci\u00f3n incontrolada por parte del operador de Vault. Esta vulnerabilidad (CVE-2025-4656) se ha corregido en Vault Community Edition 1.20.0 y Vault Enterprise 1.20.0, 1.19.6, 1.18.11, 1.17.17 y 1.16.22."}], "lastModified": "2025-08-13T18:02:04.647", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "362A6BF9-463B-4731-9836-EF966D67955F", "versionEndExcluding": "1.16.22", "versionStartIncluding": "1.14.8"}, {"criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "E701091F-EE3B-42DF-8A7C-DB5E6406594A", "versionEndExcluding": "1.20.0", "versionStartIncluding": "1.14.8"}, {"criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "153C40C1-1A2A-4E72-9BA3-401623624286", "versionEndExcluding": "1.17.17", "versionStartIncluding": "1.17.0"}, {"criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "AA8473A3-F01E-4066-A6D7-A9441C3313EF", "versionEndExcluding": "1.18.11", "versionStartIncluding": "1.18.0"}, {"criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "4391BB57-7806-44C8-A879-6CBB8F5A5DCC", "versionEndExcluding": "1.19.6", "versionStartIncluding": "1.19.0"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}