CVE-2025-3879 (Severity: MEDIUM)

CVE-2025-3879: Vault’s Azure Authentication Method bound_location Restriction Could be Bypassed on Login

Vendor: HashiCorp
Product: Vault
Weakness: CWE-863 (Incorrect Authorization)
Published: May 2, 2025
Last updated: May 2, 2025

CVSS base score

6.6 / 10

Attack vector: Network
Attack complexity: High
Privileges required: High
User interaction: None
Confidentiality: High
Integrity: High
Availability: High

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

Description

The Azure auth method in Vault Community Edition and Vault Enterprise ("Vault") did not correctly validate the claims in the Azure-issued token, so the restriction configured by the bound_locations parameter could be bypassed on login. Fixed in Vault Community Edition 1.19.1 and Vault Enterprise 1.19.1, 1.18.7, 1.17.14 and 1.16.18.

Key dates

Disclosure timeline

May 2, 2025: CVE published
May 2, 2025: Record updated