{"id":67257,"date":"2025-08-01T23:32:07","date_gmt":"2025-08-01T20:02:07","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-6015-vault-two-factor-authentication-bypass-and-token-reuse\/"},"modified":"2025-08-01T23:32:07","modified_gmt":"2025-08-01T20:02:07","slug":"cve-2025-6015-vault-two-factor-authentication-bypass-and-token-reuse","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-6015-vault-two-factor-authentication-bypass-and-token-reuse\/","title":{"rendered":"CVE-2025-6015 &#8211; Vault Two-Factor Authentication Bypass and Token Reuse"},"content":{"rendered":"<p><strong>CVE ID : <\/strong>CVE-2025-6015<br \/>\n<br \/>\n<strong>Published : <\/strong> Aug. 1, 2025, 6:15 p.m. | 1\u00a0hour, 22\u00a0minutes ago<br \/>\n<br \/>\n<strong>Description : <\/strong>Vault and Vault Enterprise\u2019s (\u201cVault\u201d) login MFA rate limits could be bypassed and TOTP tokens could be reused. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.<br \/>\n<br \/>\n<strong>Severity:<\/strong> 5.7 | MEDIUM<br \/>\n<br \/>\nVisit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-6015 Published : Aug. 1, 2025, 6:15 p.m. | 1\u00a0hour, 22\u00a0minutes ago Description : Vault and Vault Enterprise\u2019s (\u201cVault\u201d) login MFA rate limits could be bypassed and TOTP tokens could be reused. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23. Severity: 5.7 | MEDIUM Visit the &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-67257","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/67257","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=67257"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/67257\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=67257"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=67257"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=67257"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}