{ "threat_severity" : "Important", "public_date" : "2025-10-23T19:15:16Z", "bugzilla" : { "description" : "github.com/hashicorp/vault: Vault Vulnerable to Denial of Service Due to Rate Limit Regression", "id" : "2406098", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2406098" }, "cvss3" : { "cvss3_base_score" : "7.5", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status" : "verified" }, "cwe" : "CWE-770", "details" : [ "Vault and Vault Enterprise (“Vault”) are vulnerable to an unauthenticated denial of service when processing JSON payloads. This occurs due to a regression from a previous fix for [+HCSEC-2025-24+|https://discuss.hashicorp.com/t/hcsec-2025-24-vault-denial-of-service-though-complex-json-payloads/76393]  which allowed for processing JSON payloads before applying rate limits. This vulnerability, CVE-2025-12044, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.16.27, 1.19.11, 1.20.5, and 1.21.0.", "A denial of service flaw has been discovered in Hashicorp's vault product. Vault is vulnerable to an unauthenticated denial of service when processing JSON payloads. This occurs due to a regression from a previous fix for HCSEC-2025-24 which allowed for processing JSON payloads before applying rate limits." ], "affected_release" : [ { "product_name" : "Red Hat OpenShift Pipelines 1.2", "release_date" : "2026-03-05T00:00:00Z", "advisory" : "RHSA-2026:3827", "cpe" : "cpe:/a:redhat:openshift_pipelines:1.20::el9", "package" : "openshift-pipelines/pipelines-cli-tkn-rhel9:1772694865" }, { "product_name" : "Red Hat Trusted Artifact Signer 1.3", "release_date" : "2025-11-24T00:00:00Z", "advisory" : "RHSA-2025:21976", "cpe" : "cpe:/a:redhat:trusted_artifact_signer:1.3::el9", "package" : "rhtas/fulcio-rhel9:1.3.1-1763543131" }, { "product_name" : "Red Hat Trusted Artifact Signer 1.3", "release_date" : "2025-11-24T00:00:00Z", "advisory" : "RHSA-2025:21981", "cpe" : "cpe:/a:redhat:trusted_artifact_signer:1.3::el9", "package" : "rhtas/rekor-cli-rhel9:1.3.1-1763547807" }, { "product_name" : "Red Hat Trusted Artifact Signer 1.3", "release_date" : "2025-11-24T00:00:00Z", "advisory" : "RHSA-2025:21981", "cpe" : "cpe:/a:redhat:trusted_artifact_signer:1.3::el9", "package" : "rhtas/rekor-server-rhel9:1.3.1-1763545685" }, { "product_name" : "Red Hat Trusted Artifact Signer 1.3", "release_date" : "2025-11-24T00:00:00Z", "advisory" : "RHSA-2025:21984", "cpe" : "cpe:/a:redhat:trusted_artifact_signer:1.3::el9", "package" : "rhtas/timestamp-authority-rhel9:1.3.1-1763543194" }, { "product_name" : "Red Hat Trusted Artifact Signer 1.3", "release_date" : "2025-11-24T00:00:00Z", "advisory" : "RHSA-2025:21988", "cpe" : "cpe:/a:redhat:trusted_artifact_signer:1.3::el9", "package" : "rhtas/client-server-rhel9:1.3.1-1763550070" }, { "product_name" : "Red Hat Trusted Artifact Signer 1.3", "release_date" : "2025-11-24T00:00:00Z", "advisory" : "RHSA-2025:21988", "cpe" : "cpe:/a:redhat:trusted_artifact_signer:1.3::el9", "package" : "rhtas/cosign-rhel9:1.3.1-1763546693" }, { "product_name" : "Red Hat Trusted Artifact Signer 1.3", "release_date" : "2025-11-24T00:00:00Z", "advisory" : "RHSA-2025:21988", "cpe" : "cpe:/a:redhat:trusted_artifact_signer:1.3::el9", "package" : "rhtas/gitsign-rhel9:1.3.1-1763545956" }, { "product_name" : "Red Hat Trusted Artifact Signer 1.3", "release_date" : "2025-11-25T00:00:00Z", "advisory" : "RHSA-2025:22058", "cpe" : "cpe:/a:redhat:trusted_artifact_signer:1.3::el9", "package" : "rhtas/policy-controller-rhel9:0.0.2-1763550444" } ], "package_state" : [ { "product_name" : "cert-manager Operator for Red Hat OpenShift", "fix_state" : "Not affected", "package_name" : "cert-manager/cert-manager-istio-csr-rhel9", "cpe" : "cpe:/a:redhat:cert_manager:1" }, { "product_name" : "cert-manager Operator for Red Hat OpenShift", "fix_state" : "Not affected", "package_name" : "cert-manager/cert-manager-operator-bundle", "cpe" : "cpe:/a:redhat:cert_manager:1" }, { "product_name" : "cert-manager Operator for Red Hat OpenShift", "fix_state" : "Not affected", "package_name" : "cert-manager/cert-manager-operator-rhel9", "cpe" : "cpe:/a:redhat:cert_manager:1" }, { "product_name" : "cert-manager Operator for Red Hat OpenShift", "fix_state" : "Not affected", "package_name" : "cert-manager/jetstack-cert-manager-acmesolver-rhel9", "cpe" : "cpe:/a:redhat:cert_manager:1" }, { "product_name" : "cert-manager Operator for Red Hat OpenShift", "fix_state" : "Not affected", "package_name" : "cert-manager/jetstack-cert-manager-rhel9", "cpe" : "cpe:/a:redhat:cert_manager:1" }, { "product_name" : "Custom Metric Autoscaler operator for Red Hat Openshift", "fix_state" : "Not affected", "package_name" : "custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9", "cpe" : "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2" }, { "product_name" : "Custom Metric Autoscaler operator for Red Hat Openshift", "fix_state" : "Not affected", "package_name" : "custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9", "cpe" : "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2" }, { "product_name" : "Custom Metric Autoscaler operator for Red Hat Openshift", "fix_state" : "Not affected", "package_name" : "custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9", "cpe" : "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2" }, { "product_name" : "Custom Metric Autoscaler operator for Red Hat Openshift", "fix_state" : "Not affected", "package_name" : "custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator", "cpe" : "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2" }, { "product_name" : "External Secrets Operator for Red Hat OpenShift", "fix_state" : "Not affected", "package_name" : "external-secrets-operator/external-secrets-operator-rhel9", "cpe" : "cpe:/a:redhat:external_secrets_operator:1" }, { "product_name" : "External Secrets Operator for Red Hat OpenShift", "fix_state" : "Not affected", "package_name" : "external-secrets-operator/external-secrets-rhel9", "cpe" : "cpe:/a:redhat:external_secrets_operator:1" }, { "product_name" : "external secrets operator for Red Hat OpenShift - Tech Preview", "fix_state" : "Will not fix", "package_name" : "external-secrets-operator/external-secrets-operator-rhel9", "cpe" : "cpe:/a:redhat:external_secrets_operator:0" }, { "product_name" : "external secrets operator for Red Hat OpenShift - Tech Preview", "fix_state" : "Not affected", "package_name" : "external-secrets-operator/external-secrets-rhel9", "cpe" : "cpe:/a:redhat:external_secrets_operator:0" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Will not fix", "package_name" : "openshift4/oc-mirror-plugin-rhel9", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "openshift4/ose-baremetal-installer-rhel9", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "openshift4/ose-installer-altinfra-rhel9", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "openshift4/ose-installer-artifacts-rhel9", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "openshift4/ose-installer-rhel9", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "openshift4/ose-kube-state-metrics-rhel9", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Not affected", "package_name" : "odf4/cephcsi-rhel9", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Not affected", "package_name" : "odf4/mcg-cli-rhel9", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Not affected", "package_name" : "odf4/mcg-rhel9-operator", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Not affected", "package_name" : "odf4/ocs-metrics-exporter-rhel9", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Not affected", "package_name" : "odf4/ocs-rhel9-operator", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Affected", "package_name" : "odf4/odf-cli-rhel9", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Not affected", "package_name" : "odf4/odf-multicluster-rhel9-operator", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Affected", "package_name" : "odf4/odf-rhel9-operator", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Affected", "package_name" : "odf4/rook-ceph-rhel9-operator", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat OpenStack Platform 18.0", "fix_state" : "Not affected", "package_name" : "rhoso-operators/openstack-operator-bundle", "cpe" : "cpe:/a:redhat:openstack:18.0" }, { "product_name" : "Red Hat OpenStack Platform 18.0", "fix_state" : "Not affected", "package_name" : "rhoso-operators/openstack-rhel9-operator", "cpe" : "cpe:/a:redhat:openstack:18.0" }, { "product_name" : "Red Hat Trusted Artifact Signer", "fix_state" : "Affected", "package_name" : "rhtas/rekor-backfill-redis-rhel9", "cpe" : "cpe:/a:redhat:trusted_artifact_signer:1" }, { "product_name" : "Zero Trust Workload Identity Manager - Tech Preview", "fix_state" : "Will not fix", "package_name" : "zero-trust-workload-identity-manager/spiffe-spire-agent-rhel9", "cpe" : "cpe:/a:redhat:zero_trust_workload_identity_manager:0" }, { "product_name" : "Zero Trust Workload Identity Manager - Tech Preview", "fix_state" : "Will not fix", "package_name" : "zero-trust-workload-identity-manager/spiffe-spire-oidc-discovery-provider-rhel9", "cpe" : "cpe:/a:redhat:zero_trust_workload_identity_manager:0" }, { "product_name" : "Zero Trust Workload Identity Manager - Tech Preview", "fix_state" : "Will not fix", "package_name" : "zero-trust-workload-identity-manager/spiffe-spire-server-rhel9", "cpe" : "cpe:/a:redhat:zero_trust_workload_identity_manager:0" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2025-12044\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-12044\nhttps://discuss.hashicorp.com/t/hcsec-2025-31-vault-vulnerable-to-denial-of-service-due-to-rate-limit-regression/76710\nhttps://github.com/hashicorp/vault/commit/0adb749a82071ac312d05aef8bc0fe79b6ad49a6" ], "name" : "CVE-2025-12044", "mitigation" : { "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "lang" : "en:us" }, "csaw" : false }