CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
Low
EPSS
Percentile
98.4%
A highly-available key value store for shared configuration
Security Fix(es):
Incomplete fix for CVE-2023-39325/CVE-2023-44487 in OpenStack Platform
(CVE-2024-4438)
Incomplete fix for CVE-2021-44716 in OpenStack Platform (CVE-2024-4437)
Incomplete fix for CVE-2022-41723 in OpenStack Platform (CVE-2024-4436)
golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)
golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326)
golang: crypto/tls: lack of a limit on buffered post-handshake (CVE-2023-39322)
golang: crypto/tls: panic when processing post-handshake message on QUIC connections (CVE-2023-39321)
golang: html/template: improper handling of special tags within script contexts (CVE-2023-39319)
golang: html/template: improper handling of HTML-like comments within script contexts (CVE-2023-39318
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 8 | x86_64 | etcd | < 3.3.23-16.el8ost | etcd-3.3.23-16.el8ost.x86_64.rpm |
RedHat | 8 | ppc64le | etcd-debuginfo | < 3.3.23-16.el8ost | etcd-debuginfo-3.3.23-16.el8ost.ppc64le.rpm |
RedHat | 8 | ppc64le | etcd-debugsource | < 3.3.23-16.el8ost | etcd-debugsource-3.3.23-16.el8ost.ppc64le.rpm |
RedHat | 8 | ppc64le | etcd | < 3.3.23-16.el8ost | etcd-3.3.23-16.el8ost.ppc64le.rpm |
RedHat | 8 | x86_64 | etcd-debugsource | < 3.3.23-16.el8ost | etcd-debugsource-3.3.23-16.el8ost.x86_64.rpm |
RedHat | 8 | x86_64 | etcd-debuginfo | < 3.3.23-16.el8ost | etcd-debuginfo-3.3.23-16.el8ost.x86_64.rpm |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
Low
EPSS
Percentile
98.4%