Security Researcher Detected: You might have ended up here because your site vulnerability scanner found something interesting. Hi! I'm a security engineer and I'm having a good time interacting with the people and bots that are interested in information security.
You will hopefully find this site is well-secured and I'm not interested in being hacked. I'm interested in learning about how people try to hack me, though.
What is this endpoint?
vault/v1/sys/health
HashiCorp Vault Health Status
What an attacker could do
The health endpoint reveals Vault version, seal status, and HA state, helping an attacker time attacks against an unsealed instance and fingerprint version-specific vulnerabilities.
How to defend it
Restrict network access to Vault to trusted clients, enforce TLS and audit logging, keep Vault patched, and ensure auth methods and policies follow least privilege.
Connect with the Security Engineer
Learn More
Want to dive deeper into this topic? Check out the official documentation.
Read Official Documentation