CVE-2024-0831

Summary

CVE-2024-0831 is a vulnerability affecting Vault and Vault Enterprise (Vault). When enabling an audit device with the `log_raw` option, Vault may inadvertently expose sensitive information. This issue arises because audit devices, even those not configured to use `log_raw`, can receive and log the sensitive data. This vulnerability could potentially lead to unintended disclosure of confidential information. It is essential for Vault users to carefully consider the implications of enabling this option and ensure proper configuration of their audit devices to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.