CVE-2025-5999

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://discuss.hashicorp.com/t/hcsec-2025-13-vault-root-namespace-operator-may-elevate-token-privileges/76032", "name": "https://discuss.hashicorp.com/t/hcsec-2025-13-vault-root-namespace-operator-may-elevate-token-privileges/76032", "tags": ["Vendor Advisory"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "A privileged Vault operator with write permissions to the root namespace\u2019s identity endpoint could escalate their own or another user\u2019s token privileges to Vault\u2019s root policy. Fixed in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11 and 1.16.22."}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-5999", "ASSIGNER": "security@hashicorp.com"}}, "impact": {}, "publishedDate": "2025-08-01T18:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.18.11", "versionStartIncluding": "1.17.0"}, {"cpe23Uri": "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.19.6", "versionStartIncluding": "1.19.0"}, {"cpe23Uri": "cpe:2.3:a:hashicorp:vault:*:*:*:*:-:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.20.0", "versionStartIncluding": "0.10.4"}, {"cpe23Uri": "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.16.22", "versionStartIncluding": "0.10.4"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-08-13T18:08Z"}