CVE-2025-13357 | HashiCorp Tooling up to 5.4.x LDAP Auth Method deny_null_bind insecure default initialization of resource

A vulnerability classified as problematic was found in HashiCorp Tooling up to 5.4.x. Affected by this vulnerability is an unknown functionality of the component LDAP Auth Method Handler. Executing manipulation of the argument deny_null_bind can lead to insecure default initialization of resource.

This vulnerability is handled as CVE-2025-13357. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More