{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-4656", "assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "state": "PUBLISHED", "assignerShortName": "HashiCorp", "dateReserved": "2025-05-13T15:30:55.244Z", "datePublished": "2025-06-25T16:15:11.861Z", "dateUpdated": "2025-06-25T20:05:45.581Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux"], "product": "Vault", "repo": "https://github.com/hashicorp/vault", "vendor": "HashiCorp", "versions": [{"lessThan": "1.20.0", "status": "affected", "version": "1.14.8", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "platforms": ["64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux"], "product": "Vault Enterprise", "repo": "https://github.com/hashicorp/vault", "vendor": "HashiCorp", "versions": [{"changes": [{"at": "1.19.6", "status": "unaffected"}, {"at": "1.18.11", "status": "unaffected"}, {"at": "1.17.17", "status": "unaffected"}, {"at": "1.16.22", "status": "unaffected"}], "lessThan": "1.20.0", "status": "affected", "version": "1.14.8", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Vault Community and Vault Enterprise rekey and recovery key operations can lead to a denial of service due to uncontrolled cancellation by a Vault operator. This vulnerability (CVE-2025-4656) has been remediated in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11, 1.17.17, and 1.16.22.</p><br/>"}], "value": "Vault Community and Vault Enterprise rekey and recovery key operations can lead to a denial of service due to uncontrolled cancellation by a Vault operator. This vulnerability (CVE-2025-4656) has been remediated in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11, 1.17.17, and 1.16.22."}], "impacts": [{"capecId": "CAPEC-469", "descriptions": [{"lang": "en", "value": "CAPEC-469: HTTP DoS"}]}], "metrics": [{"cvssV3_1": {"baseScore": 3.1, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-1088", "description": "CWE-1088: Synchronous Access of Remote Resource without Timeout", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "shortName": "HashiCorp", "dateUpdated": "2025-06-25T16:17:34.648Z"}, "references": [{"url": "https://discuss.hashicorp.com/t/hcsec-2025-11-vault-vulnerable-to-recovery-key-cancellation-denial-of-service/75570"}], "source": {"advisory": "HCSEC-2025-11", "discovery": "EXTERNAL"}, "title": "Vault Vulnerable to Recovery Key Cancellation Denial of Service"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-25T20:05:40.541730Z", "id": "CVE-2025-4656", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-25T20:05:45.581Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-4656", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-06-25T20:05:40.541730Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-25T20:05:29.383Z"}}], "cna": {"title": "Vault Vulnerable to Recovery Key Cancellation Denial of Service", "source": {"advisory": "HCSEC-2025-11", "discovery": "EXTERNAL"}, "impacts": [{"capecId": "CAPEC-469", "descriptions": [{"lang": "en", "value": "CAPEC-469: HTTP DoS"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 3.1, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/hashicorp/vault", "vendor": "HashiCorp", "product": "Vault", "versions": [{"status": "affected", "version": "1.14.8", "lessThan": "1.20.0", "versionType": "semver"}], "platforms": ["64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux"], "defaultStatus": "unaffected"}, {"repo": "https://github.com/hashicorp/vault", "vendor": "HashiCorp", "product": "Vault Enterprise", "versions": [{"status": "affected", "changes": [{"at": "1.19.6", "status": "unaffected"}, {"at": "1.18.11", "status": "unaffected"}, {"at": "1.17.17", "status": "unaffected"}, {"at": "1.16.22", "status": "unaffected"}], "version": "1.14.8", "lessThan": "1.20.0", "versionType": "semver"}], "platforms": ["64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux"], "defaultStatus": "unaffected"}], "references": [{"url": "https://discuss.hashicorp.com/t/hcsec-2025-11-vault-vulnerable-to-recovery-key-cancellation-denial-of-service/75570"}], "descriptions": [{"lang": "en", "value": "Vault Community and Vault Enterprise rekey and recovery key operations can lead to a denial of service due to uncontrolled cancellation by a Vault operator. This vulnerability (CVE-2025-4656) has been remediated in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11, 1.17.17, and 1.16.22.", "supportingMedia": [{"type": "text/html", "value": "<p>Vault Community and Vault Enterprise rekey and recovery key operations can lead to a denial of service due to uncontrolled cancellation by a Vault operator. This vulnerability (CVE-2025-4656) has been remediated in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11, 1.17.17, and 1.16.22.</p><br/>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1088", "description": "CWE-1088: Synchronous Access of Remote Resource without Timeout"}]}], "providerMetadata": {"orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "shortName": "HashiCorp", "dateUpdated": "2025-06-25T16:17:34.648Z"}}}, "cveMetadata": {"cveId": "CVE-2025-4656", "state": "PUBLISHED", "dateUpdated": "2025-06-25T20:05:45.581Z", "dateReserved": "2025-05-13T15:30:55.244Z", "assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "datePublished": "2025-06-25T16:15:11.861Z", "assignerShortName": "HashiCorp"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "362A6BF9-463B-4731-9836-EF966D67955F", "versionEndExcluding": "1.16.22", "versionStartIncluding": "1.14.8", "vulnerable": true}, {"criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:-:*:*:*", "matchCriteriaId": "E701091F-EE3B-42DF-8A7C-DB5E6406594A", "versionEndExcluding": "1.20.0", "versionStartIncluding": "1.14.8", "vulnerable": true}, {"criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "153C40C1-1A2A-4E72-9BA3-401623624286", "versionEndExcluding": "1.17.17", "versionStartIncluding": "1.17.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "AA8473A3-F01E-4066-A6D7-A9441C3313EF", "versionEndExcluding": "1.18.11", "versionStartIncluding": "1.18.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "4391BB57-7806-44C8-A879-6CBB8F5A5DCC", "versionEndExcluding": "1.19.6", "versionStartIncluding": "1.19.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Vault Community and Vault Enterprise rekey and recovery key operations can lead to a denial of service due to uncontrolled cancellation by a Vault operator. This vulnerability (CVE-2025-4656) has been remediated in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11, 1.17.17, and 1.16.22."}, {"lang": "es", "value": "Las operaciones de regeneraci\u00f3n y recuperaci\u00f3n de claves en Vault Community y Vault Enterprise pueden provocar una denegaci\u00f3n de servicio debido a una cancelaci\u00f3n incontrolada por parte del operador de Vault. Esta vulnerabilidad (CVE-2025-4656) se ha corregido en Vault Community Edition 1.20.0 y Vault Enterprise 1.20.0, 1.19.6, 1.18.11, 1.17.17 y 1.16.22."}], "id": "CVE-2025-4656", "lastModified": "2025-08-13T18:02:04.647", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 1.4, "source": "security@hashicorp.com", "type": "Secondary"}]}, "published": "2025-06-25T17:15:38.440", "references": [{"source": "security@hashicorp.com", "tags": ["Vendor Advisory"], "url": "https://discuss.hashicorp.com/t/hcsec-2025-11-vault-vulnerable-to-recovery-key-cancellation-denial-of-service/75570"}], "sourceIdentifier": "security@hashicorp.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1088"}], "source": "security@hashicorp.com", "type": "Secondary"}]}

{"bugzilla": {"description": "github.com/hashicorp/vault: Vault Denial of Service", "id": "2374792", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374792"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.1", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-1088", "details": ["Vault Community and Vault Enterprise rekey and recovery key operations can lead to a denial of service due to uncontrolled cancellation by a Vault operator. This vulnerability (CVE-2025-4656) has been remediated in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11, 1.17.17, and 1.16.22.", "A key handling flaw has been discovered in Vault. The rekey and recovery key operations may lead to a denial of service in the vault application due to uncontrolled cancellations of these operations."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-4656", "package_state": [{"cpe": "cpe:/a:redhat:cert_manager:1", "fix_state": "Fix deferred", "package_name": "cert-manager/cert-manager-operator-rhel9", "product_name": "cert-manager Operator for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Fix deferred", "package_name": "odf4/cephcsi-rhel9", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Fix deferred", "package_name": "odf4/mcg-cli-rhel9", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Fix deferred", "package_name": "odf4/mcg-rhel9-operator", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Fix deferred", "package_name": "odf4/odf-cli-rhel9", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Fix deferred", "package_name": "rhtas/client-server-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Fix deferred", "package_name": "rhtas/fulcio-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}], "public_date": "2025-06-25T16:15:11Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-4656\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-4656\nhttps://discuss.hashicorp.com/t/hcsec-2025-11-vault-vulnerable-to-recovery-key-cancellation-denial-of-service/75570"], "threat_severity": "Low"}