{"id":"CVE-2024-1052","summary":"Boundary Vulnerable to Session Hijacking Through TLS Certificate Tampering","details":"Boundary and Boundary Enterprise (“Boundary”) is vulnerable to session hijacking through TLS certificate tampering. An attacker with privileges to enumerate active or pending sessions, obtain a private key pertaining to a session, and obtain a valid trust on first use (TOFU) token may craft a TLS certificate to hijack an active session and gain access to the underlying service or application.","aliases":["GHSA-vh73-q3rw-qx7w","GO-2024-2532"],"modified":"2026-05-28T03:55:35.297667795Z","published":"2024-02-05T20:43:53.939Z","database_specific":{"cna_assigner":"HashiCorp","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/1xxx/CVE-2024-1052.json","cwe_ids":["CWE-295"]},"references":[{"type":"WEB","url":"https://discuss.hashicorp.com/t/hcsec-2024-02-boundary-vulnerable-to-session-hijacking-through-tls-certificate-tampering/62458"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/1xxx/CVE-2024-1052.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-1052"},{"type":"PACKAGE","url":"https://github.com/hashicorp/boundary"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/hashicorp/boundary","events":[{"introduced":"bc86b4e9e9adfdf07183cbf140a2802fb453b35f"},{"fixed":"18f863514ee5c4cfa6e0cb0c497049f1b5104511"}]}],"versions":["sdk/v0.0.41","api/v0.0.44","sdk/v0.0.40","api/v0.0.43","sdk/v0.0.39","sdk/v0.0.37","api/v0.0.41","sdk/v0.0.36","api/v0.0.40","v0.13.0","sdk/v0.0.35","api/v0.0.39","sdk/v0.0.34","api/v0.0.38","sdk/v0.0.33","api/v0.0.37","sdk/v0.0.32","api/v0.0.36","sdk/v0.0.31","api/v0.0.35","sdk/v0.0.29","api/v0.0.33","v0.9.1","sdk/v0.0.28","sdk/v0.0.27","sdk/v0.0.24","sdk/v0.0.22","api/v0.0.29","sdk/v0.0.21","sdk/v0.0.20","v0.10.0","sdk/v0.0.19","api/v0.0.28","sdk/v0.0.18","api/v0.0.27","api/v0.0.26","sdk/v0.0.17","v0.9.0","sdk/v0.0.16","api/v0.0.25","v0.8.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-1052.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"}]}