CVE-2026-5052

MEDIUM5.3EPSS 0.02%

HashiCorp Vault has Server-Side Request Forgery in ACME Challenge Validation via Attacker-Controlled DNS

發布日:2026/4/17修改日:2026/4/21

也稱為:GHSA-8r5m-3f66-qpr3BIT-vault-2026-5052

描述

Vault’s PKI engine’s ACME validation did not reject local targets when issuing http-01 and tls-alpn-01 challenges. This may lead to these requests being sent to local network targets, potentially leading to information disclosure. Fixed in Vault Community Edition 2.0.0 and Vault Enterprise 2.0.0, 1.21.5, 1.20.10, and 1.19.16.

受影響套件(2)

Bitnami/vault>= 0.10.0, < 2.0.0
Go/github.com/hashicorp/vault>= 1.14.0, <= 1.21.4

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	MEDIUM5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

參考連結(3)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2026-5052
PATCHhttps://github.com/hashicorp/vault
WEBhttps://discuss.hashicorp.com/t/hcsec-2026-06-vault-vulnerable-to-server-side-request-forgery-in-acme-challenge-validation-via-attacker-controlled-dns/77343