Description

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, some OpenBao deployments intentionally limit privileged API operators from executing system code or making network connections. However, these operators can bypass both restrictions through the audit subsystem by manipulating log prefixes. This allows unauthorized code execution and network access that violates the intended security model. This issue is fixed in version 2.3.2. To workaround, users can block access to sys/audit/* endpoints using explicit deny policies, but root operators cannot be restricted this way.

INFO

Published Date :

2025-08-09T01:56:45.634Z

Last Modified :

2025-08-11T13:56:43.049Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-54997 vulnerability.

Vendors Products
Openbao Project
  • Openbao
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-54997.

URL Resource
https://discuss.hashicorp.com/t/hcsec-2025-14-privileged-vault-operator-may-execute-code-on-the-underlying-host/76033 cve-icon cve-icon
https://github.com/openbao/openbao/pull/1634 cve-icon cve-icon
https://github.com/openbao/openbao/releases/tag/v2.3.2 cve-icon cve-icon
https://github.com/openbao/openbao/security/advisories/GHSA-xp75-r577-cvhp cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact