CVE-2025-55000

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

O

penBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 0.1.0 through 2.3.1, OpenBao's TOTP secrets engine could accept valid codes multiple times rather than strictly-once. This was caused by unexpected normalization in the underlying TOTP library. To work around, ensure that all codes are first normalized before submitting to the OpenBao endpoint. TOTP code verification is a privileged action; only trusted systems should be verifying codes.

References

Link	Resource
https://discuss.hashicorp.com/t/hcsec-2025-17-vault-totp-secrets-engine-code-reuse/76036	Not Applicable
https://github.com/openbao/openbao/commit/183891f8d535d5b6eb3d79fda8200cade6de99e1	Patch
https://github.com/openbao/openbao/security/advisories/GHSA-f7c3-mhj2-9pvg	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:openbao:openbao:*:*:*:*:*:*:*:*

History

12 Aug 2025, 20:44

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-09 03:15

Updated : 2025-11-13 17:55

NVD link : CVE-2025-55000

Mitre link : CVE-2025-55000

CVE.ORG link : CVE-2025-55000

JSON object : View

Products Affected

openbao

CWE

CWE-156

Improper Neutralization of Whitespace

{"id": "CVE-2025-55000", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2025-08-09T03:15:46.737", "references": [{"url": "https://discuss.hashicorp.com/t/hcsec-2025-17-vault-totp-secrets-engine-code-reuse/76036", "tags": ["Not Applicable"], "source": "[email protected]"}, {"url": "https://github.com/openbao/openbao/commit/183891f8d535d5b6eb3d79fda8200cade6de99e1", "tags": ["Patch"], "source": "[email protected]"}, {"url": "https://github.com/openbao/openbao/security/advisories/GHSA-f7c3-mhj2-9pvg", "tags": ["Vendor Advisory"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-156"}]}], "descriptions": [{"lang": "en", "value": "OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 0.1.0 through 2.3.1, OpenBao's TOTP secrets engine could accept valid codes multiple times rather than strictly-once. This was caused by unexpected normalization in the underlying TOTP library. To work around, ensure that all codes are first normalized before submitting to the OpenBao endpoint. TOTP code verification is a privileged action; only trusted systems should be verifying codes."}, {"lang": "es", "value": "OpenBao existe para proporcionar una soluci\u00f3n de software que permite gestionar, almacenar y distribuir datos confidenciales, como secretos, certificados y claves. En las versiones 0.1.0 a 2.3.1, el motor de secretos TOTP de OpenBao pod\u00eda aceptar c\u00f3digos v\u00e1lidos varias veces en lugar de solo una. Esto se deb\u00eda a una normalizaci\u00f3n inesperada en la librer\u00eda TOTP subyacente. Para solucionar este problema, aseg\u00farese de que todos los c\u00f3digos se normalicen antes de enviarlos al endpoint de OpenBao. La verificaci\u00f3n de c\u00f3digos TOTP es una acci\u00f3n privilegiada; solo los sistemas de confianza deben verificar los c\u00f3digos."}], "lastModified": "2025-11-13T17:55:51.443", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:openbao:openbao:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5572B591-02AC-4B8F-8956-FC9A606D7F32", "versionEndExcluding": "2.3.2"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}