Agent version
<1.21.4
Bug Report
While working on datadog-agent project, I scanned the dependency manifest and found that it uses a vulnerable version of github.com/hashicorp/vault. The scan revealed a denial-of-service issue where unauthenticated users can repeatedly trigger or cancel root token generation or rekey operations, blocking legitimate operations and disrupting service availability.
CVE Report
CVE Link
Reproduction Steps
No response
Agent configuration
No response
Operating System
No response
Other environment details
No response
Agent version
<1.21.4
Bug Report
While working on datadog-agent project, I scanned the dependency manifest and found that it uses a vulnerable version of
github.com/hashicorp/vault. The scan revealed a denial-of-service issue where unauthenticated users can repeatedly trigger or cancel root token generation or rekey operations, blocking legitimate operations and disrupting service availability.CVE Report
CVE Link
Reproduction Steps
No response
Agent configuration
No response
Operating System
No response
Other environment details
No response