CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-32082 – etcd key name can be accessed via LeaseTimeToLive API
https://notcve.org/view.php?id=CVE-2023-32082
11 May 2023 — etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.26 and 3.5.9, the LeaseTimeToLive API allows access to key names (not value) associated to a lease when `Keys` parameter is true, even a user doesn't have read permission to the keys. The impact is limited to a cluster which enables auth (RBAC). Versions 3.4.26 and 3.5.9 fix this issue. There are no known workarounds. • https://github.com/etcd-io/etcd/blob/main/CHANGELOG/CHANGELOG-3.4.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-15136 – Improper authentication in etcd
https://notcve.org/view.php?id=CVE-2020-15136
06 Aug 2020 — In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given domain, which occurs in the discoverEndpoints function. No authentication is performed against endpoints provided in the --endpoints flag. This has been fixed in versions 3.4.10 and 3.3.23 with improved documentation and deprecation of the functionality. En ectd... • https://github.com/etcd-io/etcd/blob/master/Documentation/op-guide/gateway.md • CWE-287: Improper Authentication CWE-306: Missing Authentication for Critical Function •
CVSS: 7.7EPSS: 0%CPEs: 3EXPL: 0CVE-2020-15114 – Denial of Service in etcd
https://notcve.org/view.php?id=CVE-2020-15114
06 Aug 2020 — In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for basic service discovery and access. However, it is possible to include the gateway address as an endpoint. This results in a denial of service, since the endpoint can become stuck in a loop of requesting itself until there are no more available file descriptors to accept connections on the gateway. En etcd anteriores a las versiones 3.3.23 y 3.4.10, la puerta de enlace etcd es un proxy TCP simple para permitir el ... • https://github.com/etcd-io/etcd/security/advisories/GHSA-2xhq-gv6c-p224 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-15115 – No minimum password length in etcd
https://notcve.org/view.php?id=CVE-2020-15115
06 Aug 2020 — etcd before versions 3.3.23 and 3.4.10 does not perform any password length validation, which allows for very short passwords, such as those with a length of one. This may allow an attacker to guess or brute-force users' passwords with little computational effort. etcd anterior a las versiones 3.3.23 y 3.4.10, no lleva a cabo ninguna comprobación de longitud de contraseña, lo que permite contraseñas muy cortas, como aquellas con una longitud de uno. Esto puede permitir a un atacante adivinar o forzar las co... • https://github.com/etcd-io/etcd/security/advisories/GHSA-4993-m7g5-r9hh • CWE-305: Authentication Bypass by Primary Weakness CWE-521: Weak Password Requirements •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-15112 – Improper Input Validation in etcd
https://notcve.org/view.php?id=CVE-2020-15112
05 Aug 2020 — In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater then the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime panic when reading the entry. En etcd versiones anteriores a 3.3.23 y 3.4.10, es posible tener un índice de entrada mayor que el número de entradas en el método ReadAll en el archivo wal/wal.go. Esto podría causar ... • https://github.com/etcd-io/etcd/security/advisories/GHSA-m332-53r6-2w93 • CWE-20: Improper Input Validation CWE-129: Improper Validation of Array Index CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2020-15113 – Improper Preservation of Permissions in etcd
https://notcve.org/view.php?id=CVE-2020-15113
05 Aug 2020 — In etcd before versions 3.3.23 and 3.4.10, certain directory paths are created (etcd data directory and the directory path when provided to automatically generate self-signed certificates for TLS connections with clients) with restricted access permissions (700) by using the os.MkdirAll. This function does not perform any permission checks when a given directory path exists already. A possible workaround is to ensure the directories have the desired permission (700). En etcd versiones anteriores a 3.3.23 y ... • https://github.com/etcd-io/etcd/security/advisories/GHSA-chh6-ppwq-jh92 • CWE-281: Improper Preservation of Permissions CWE-285: Improper Authorization •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-15106 – Improper Input Validation in etcd
https://notcve.org/view.php?id=CVE-2020-15106
05 Aug 2020 — In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length field of a WAL file and no additional validation is done on this data. Therefore, it is possible to forge an extremely large frame size that can unintentionally panic at the expense of any RAFT participant trying to decode the WAL. En etcd versiones anteriores a 3.3.23 y 3.4.10, un segmento grande causa pánico en el método decodeRecord. El tamaño de un registro es almace... • https://github.com/etcd-io/etcd/security/advisories/GHSA-p4g4-wgrh-qrg2 • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.1EPSS: 1%CPEs: 6EXPL: 0CVE-2018-16886 – etcd: Improper Authentication in auth/store.go:AuthInfoFromTLS() via gRPC-gateway
https://notcve.org/view.php?id=CVE-2018-16886
14 Jan 2019 — etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd client server TLS certificate contains a Common Name (CN) which matches a valid RBAC username, a remote attacker may authenticate as that user with any valid (trusted) client certificate in a REST API request to the gRPC-gateway. etcd, en sus versiones 3.2.x anteriores a la 3.2.26 y versiones 3.3.x anteriores a ... • http://www.securityfocus.com/bid/106540 • CWE-287: Improper Authentication •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2018-1098
https://notcve.org/view.php?id=CVE-2018-1098
03 Apr 2018 — A cross-site request forgery flaw was found in etcd 3.3.1 and earlier. An attacker can set up a website that tries to send a POST request to the etcd server and modify a key. Adding a key is done with PUT so it is theoretically safe (can't PUT from an HTML form or such) but POST allows creating in-order keys that an attacker can send. Se ha encontrado un fallo de Cross-Site Request Forgery (CSRF) en etcd, en versiones 3.3.1 y anteriores. Un atacante puede configurar un sitio web que intenta enviar una petic... • https://bugzilla.redhat.com/show_bug.cgi?id=1552714 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-1099
https://notcve.org/view.php?id=CVE-2018-1099
03 Apr 2018 — DNS rebinding vulnerability found in etcd 3.3.1 and earlier. An attacker can control his DNS records to direct to localhost, and trick the browser into sending requests to localhost (or any other address). Se ha encontrado una vulnerabilidad de revinculación de DNS en etcd, en versiones 3.3.1 y anteriores. Un atacante puede controlar sus registros de DNS para dirigirse a locahost y engañar al navegador para que envíe peticiones a localhost (o a cualquier otra dirección). • https://bugzilla.redhat.com/show_bug.cgi?id=1552717 • CWE-20: Improper Input Validation •