CVE-2024-2660

Vulnerability Description

Vault and Vault Enterprise TLS certificates auth method did not correctly validate OCSP responses when one or more OCSP sources were configured. This vulnerability, CVE-2024-2660, affects Vault and Vault Enterprise 1.14.0 and above, and is fixed in Vault 1.16.0 and Vault Enterprise 1.16.1, 1.15.7, and 1.14.11.

Vulnerability Details

Published Date

April 04, 2024

Last Modified

August 08, 2025

Source

NVD

CVE-2024-2660

Vulnerability Description

Vulnerability Details

Discussion (0)

Add Comment