Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2018-1098

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cross-site request forgery flaw was found in etcd 3.3.1 and earlier. An attacker can set up a website that tries to send a POST request to the etcd server and...

8.8CVSS7.2AI score0.01266EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/29 9:50 a.m.33 views

Security Bulletin: IBM Storage Protect Server is susceptible to multiple vulnerabilities due to key-value store "etcd". (CVE-2018-1098, CVE-2018-1099, CVE-2022-34038, CVE-2021-2823).

Summary The distributed key-value store, etcd, used by IBM Storage Protect Server is vulnerable to cross-site scripting, denial of service, or unauthorized access to the host system. This bulletin outlines the steps to address these vulnerabilities. Vulnerability Details CVEID:CVE-2018-1098...

9.8CVSS7.8AI score0.01605EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.26 views

Photon OS 4.0: Coredns PHSA-2023-4.0-0420

An update of the coredns package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0420. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

8.8CVSS7.1AI score0.01636EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.22 views

Photon OS 4.0: Calico PHSA-2023-4.0-0427

An update of the calico package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0427. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

9.8CVSS8AI score0.02737EPSS
Exploits3References14
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.27 views

RHEL 7 : etcd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - etcd: Cross-site request forgery via crafted local POST forms CVE-2018-1098 - etcd: Information discosure...

9.8CVSS8.2AI score0.01952EPSS
Exploits2References11
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/24 1:11 p.m.44 views

Security Bulletin: CVE-2018-1099, CVE-2018-1098 may affect IBM CICS TX Advanced

Summary CVE-2018-1099, CVE-2018-1098 related to etcd package may affect IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2018-1099 DESCRIPTION: etcd could allow a remote attacker to gain access to the DNS records, caused by a DNS...

8.8CVSS6.9AI score0.01266EPSS
Exploits2Affected Software1
ALT Linux
ALT Linux
added 2020/04/26 12:0 a.m.29 views

Security fix for the ALT Linux 10 package etcd version 3.4.7-alt1

April 26, 2020 Alexey Shabalin 3.4.7-alt1 - 3.4.7 Fixes: CVE-2018-1098, CVE-2018-1099, CVE-2018-16886...

6.8CVSS6.8AI score0.04031EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2020/04/07 4:45 p.m.22 views

CVE-2018-1098

A cross-site request forgery flaw has been discovered in etcd. A remote attacker could set up a malicious website that execute POST requests to an etcd server to modify or add a key. Mitigation Configure and enable authentication on the etcd server...

8.8CVSS3.1AI score0.01266EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2019/05/06 12:0 a.m.39 views

Fedora 29 : etcd (2019-219b0b0b6a)

etcd.service: do not pass command line flags already defined in environment ---- Fix building of etcd ---- Bump to commit f29b1ada19713544b698dab8c94c97cfa1e83dac ---- Bump to commit e1ca3b4434945e57e8e3a451cdbde74a903cc8e1 Security fix for CVE-2018-16886 Security fix for CVE-2018-1098...

8.8CVSS6.6AI score0.04031EPSS
Exploits2References4
CVE
CVE
added 2018/04/03 4:0 p.m.87 views

CVE-2018-1098

CVE-2018-1098 affects etcd 3.3.1 and earlier, where CSRF allows an attacker to induce the etcd server to perform unauthorized actions by sending crafted POST requests via a malicious site. The description notes that PUT is safer for adding keys, but POST can be used to create in-order keys. The N...

8.8CVSS8AI score0.01266EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVE
added 2018/04/03 4:0 p.m.30 views

CVE-2018-1098

A cross-site request forgery flaw was found in etcd 3.3.1 and earlier. An attacker can set up a website that tries to send a POST request to the etcd server and modify a key. Adding a key is done with PUT so it is theoretically safe can't PUT from an HTML form or such but POST allows creating...

8.8CVSS8.6AI score0.01266EPSS
Exploits1
Rows per page
Query Builder