{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-6337", "assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "state": "PUBLISHED", "assignerShortName": "HashiCorp", "dateReserved": "2023-11-27T18:55:16.606Z", "datePublished": "2023-12-08T21:12:31.712Z", "dateUpdated": "2025-02-13T17:26:18.153Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "shortName": "HashiCorp", "dateUpdated": "2024-01-12T14:06:26.047Z"}, "title": "Vault May be Vulnerable to a Denial of Service Through Memory Exhaustion When Handling Large HTTP Requests", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-770", "description": "CWE-770 Allocation of Resources Without Limits or Throttling", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-130", "descriptions": [{"lang": "en", "value": "CAPEC-130 Excessive Allocation"}]}], "affected": [{"vendor": "HashiCorp", "product": "Vault", "platforms": ["Windows", "MacOS", "Linux", "x86", "ARM", "64 bit", "32 bit"], "repo": "https://github.com/hashicorp/vault", "versions": [{"status": "affected", "version": "1.12.0", "lessThan": "1.15.4", "changes": [{"at": "1.14.8", "status": "unaffected"}, {"at": "1.13.2", "status": "unaffected"}], "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "HashiCorp", "product": "Vault Enterprise", "platforms": ["Windows", "MacOS", "Linux", "x86", "ARM", "64 bit", "32 bit"], "versions": [{"status": "affected", "version": "1.12.0", "lessThan": "1.15.4", "changes": [{"at": "1.14.8", "status": "unaffected"}, {"at": "1.13.2", "status": "unaffected"}], "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "HashiCorp Vault and Vault Enterprise 1.12.0 and newer are vulnerable to a denial of service through memory exhaustion of the host when handling large unauthenticated and authenticated HTTP requests from a client. Vault will attempt to map the request to memory, resulting in the exhaustion of available memory on the host, which may cause Vault to crash.\n\nFixed in\u00a0Vault 1.15.4, 1.14.8, 1.13.12.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<span style=\"background-color: transparent;\">HashiCorp Vault and Vault Enterprise 1.12.0 and newer are vulnerable to a denial of service through memory exhaustion of the host when handling large unauthenticated and authenticated HTTP requests from a client. Vault will attempt to map the request to memory, resulting in the exhaustion of available memory on the host, which may cause Vault to crash.<br><br>Fixed in&nbsp;<span style=\"background-color: transparent;\">Vault 1.15.4, 1.14.8, 1.13.12.</span><br></span><br>"}]}], "references": [{"url": "https://discuss.hashicorp.com/t/hcsec-2023-34-vault-vulnerable-to-denial-of-service-through-memory-exhaustion-when-handling-large-http-requests/60741"}, {"url": "https://security.netapp.com/advisory/ntap-20240112-0006/"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseSeverity": "HIGH", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}}], "source": {"advisory": "HCSEC-2023-34", "discovery": "USER"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:28:21.284Z"}, "title": "CVE Program Container", "references": [{"url": "https://discuss.hashicorp.com/t/hcsec-2023-34-vault-vulnerable-to-denial-of-service-through-memory-exhaustion-when-handling-large-http-requests/60741", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20240112-0006/", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:*:*:*:*", "matchCriteriaId": "279420C4-177B-42B2-A4D9-6E9EDA3F1D0E", "versionEndIncluding": "1.12.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "B0DB3723-28B2-48CB-9027-9A3AE4C650BD", "versionEndIncluding": "1.12.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:*:*:*:*", "matchCriteriaId": "DCBF4C08-0C81-46C1-B9C6-843E07C78E34", "versionEndExcluding": "1.13.12", "versionStartIncluding": "1.13.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "F1B50279-B5C2-442A-AA6B-55DDD19ED8F5", "versionEndExcluding": "1.13.12", "versionStartIncluding": "1.13.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:*:*:*:*", "matchCriteriaId": "885CF0FC-A707-4E8F-BCA8-45BC83FC06EE", "versionEndExcluding": "1.14.8", "versionStartIncluding": "1.14.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "D1BCB828-CA09-433F-96C3-4653B565DF1F", "versionEndExcluding": "1.14.8", "versionStartIncluding": "1.14.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:*:*:*:*", "matchCriteriaId": "89F657D5-0195-4A10-80B3-C12ACFFA5B0E", "versionEndExcluding": "1.15.4", "versionStartIncluding": "1.15.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "CB94C54C-E891-47FD-8695-DFE0652F0E30", "versionEndExcluding": "1.15.4", "versionStartIncluding": "1.15.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "HashiCorp Vault and Vault Enterprise 1.12.0 and newer are vulnerable to a denial of service through memory exhaustion of the host when handling large unauthenticated and authenticated HTTP requests from a client. Vault will attempt to map the request to memory, resulting in the exhaustion of available memory on the host, which may cause Vault to crash.\n\nFixed in\u00a0Vault 1.15.4, 1.14.8, 1.13.12."}, {"lang": "es", "value": "HashiCorp Vault y Vault Enterprise 1.12.0 y versiones posteriores son vulnerables a una denegaci\u00f3n de servicio debido al agotamiento de la memoria del host cuando se manejan grandes solicitudes HTTP autenticadas y no autenticadas de un cliente. Vault intentar\u00e1 asignar la solicitud a la memoria, lo que provocar\u00e1 que se agote la memoria disponible en el host, lo que puede provocar que Vault falle. Corregido en Vault 1.15.4, 1.14.8, 1.13.12."}], "id": "CVE-2023-6337", "lastModified": "2025-02-13T18:16:08.143", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security@hashicorp.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-12-08T22:15:07.713", "references": [{"source": "security@hashicorp.com", "tags": ["Vendor Advisory"], "url": "https://discuss.hashicorp.com/t/hcsec-2023-34-vault-vulnerable-to-denial-of-service-through-memory-exhaustion-when-handling-large-http-requests/60741"}, {"source": "security@hashicorp.com", "url": "https://security.netapp.com/advisory/ntap-20240112-0006/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://discuss.hashicorp.com/t/hcsec-2023-34-vault-vulnerable-to-denial-of-service-through-memory-exhaustion-when-handling-large-http-requests/60741"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.netapp.com/advisory/ntap-20240112-0006/"}], "sourceIdentifier": "security@hashicorp.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-770"}], "source": "security@hashicorp.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-770"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "hashicorp-vault: denial of service through memory exhaustion", "id": "2253848", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253848"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-770", "details": ["HashiCorp Vault and Vault Enterprise 1.12.0 and newer are vulnerable to a denial of service through memory exhaustion of the host when handling large unauthenticated and authenticated HTTP requests from a client. Vault will attempt to map the request to memory, resulting in the exhaustion of available memory on the host, which may cause Vault to crash.\nFixed in\u00a0Vault 1.15.4, 1.14.8, 1.13.12.", "A flaw was found in HashiCorp Vault and Vault Enterprise 1.12.0. When handling large HTTP requests from a client, Vault will attempt to map the request to memory, resulting in the exhaustion of available memory on the host, which may cause Vault to crash."], "name": "CVE-2023-6337", "package_state": [{"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Not affected", "package_name": "openshift-pipelines-client", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:camel_spring_boot:4", "fix_state": "Not affected", "package_name": "rhint-camel-spring-boot", "product_name": "Red Hat build of Apache Camel for Spring Boot 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Not affected", "package_name": "mcg", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Not affected", "package_name": "odf4/cephcsi-rhel9", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Not affected", "package_name": "odf4/mcg-cli-rhel9", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Not affected", "package_name": "odf4/mcg-rhel9-operator", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Not affected", "package_name": "odf4/ocs-rhel9-operator", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Not affected", "package_name": "odf4/odf-rhel8-operator", "product_name": "Red Hat Openshift Data Foundation 4"}], "public_date": "2023-12-08T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-6337\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-6337"], "statement": "Red Hat is not affected by this vulnerability.", "threat_severity": "Moderate"}

{}