Количество 7
Количество 7
CVE-2018-16886
etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd client server TLS certificate contains a Common Name (CN) which matches a valid RBAC username, a remote attacker may authenticate as that user with any valid (trusted) client certificate in a REST API request to the gRPC-gateway.
CVE-2018-16886
etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd client server TLS certificate contains a Common Name (CN) which matches a valid RBAC username, a remote attacker may authenticate as that user with any valid (trusted) client certificate in a REST API request to the gRPC-gateway.
CVE-2018-16886
etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd client server TLS certificate contains a Common Name (CN) which matches a valid RBAC username, a remote attacker may authenticate as that user with any valid (trusted) client certificate in a REST API request to the gRPC-gateway.
CVE-2018-16886
etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerab ...
GHSA-h6xx-pmxh-3wgp
go.etcd.io/etcd Authentication Bypass
BDU:2019-02944
Уязвимость реализации функции контроля доступа на основе ролей Role Based Access Control (RBAC) хранилища параметров конфигурации Etcd, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
SUSE-SU-2024:3656-1
Security update for etcd
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2018-16886 etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd client server TLS certificate contains a Common Name (CN) which matches a valid RBAC username, a remote attacker may authenticate as that user with any valid (trusted) client certificate in a REST API request to the gRPC-gateway. | CVSS3: 8.1 | 1% Низкий | около 7 лет назад |
 | CVE-2018-16886 etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd client server TLS certificate contains a Common Name (CN) which matches a valid RBAC username, a remote attacker may authenticate as that user with any valid (trusted) client certificate in a REST API request to the gRPC-gateway. | CVSS3: 6.8 | 1% Низкий | около 7 лет назад |
 | CVE-2018-16886 etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd client server TLS certificate contains a Common Name (CN) which matches a valid RBAC username, a remote attacker may authenticate as that user with any valid (trusted) client certificate in a REST API request to the gRPC-gateway. | CVSS3: 8.1 | 1% Низкий | около 7 лет назад |
| CVE-2018-16886 etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerab ... | CVSS3: 8.1 | 1% Низкий | около 7 лет назад |
| GHSA-h6xx-pmxh-3wgp go.etcd.io/etcd Authentication Bypass | CVSS3: 8.1 | 1% Низкий | почти 4 года назад |
 | BDU:2019-02944 Уязвимость реализации функции контроля доступа на основе ролей Role Based Access Control (RBAC) хранилища параметров конфигурации Etcd, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации | CVSS3: 8.1 | 1% Низкий | около 7 лет назад |
 | SUSE-SU-2024:3656-1 Security update for etcd | больше 1 года назад |
Уязвимостей на страницу