cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-2048,https://securityvulnerability.io/vulnerability/CVE-2024-2048,Certificate Validation Bypass Vulnerability,"A TLS certificate authentication issue in HashiCorp Vault and Vault Enterprise has been identified, whereby the product does not adequately validate client certificates when a non-CA certificate is configured as trusted. This vulnerability permits an attacker to potentially create a malicious certificate capable of circumventing standard authentication mechanisms. It is crucial for users to apply the patched versions, Vault 1.15.5 and 1.14.10, to mitigate the risks associated with this vulnerability and ensure secure operations.",Hashicorp,"Vault,Vault Enterprise",8.1,HIGH,0.0004299999854993075,false,,true,false,false,,,true,false,,2024-03-04T19:56:47.253Z,3417