11 matches found
TencentOS Server 4: etcd (TSSA-2024:0821)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0821 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Linux Distros Unpatched Vulnerability : CVE-2023-32082
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.26 and 3.5.9, the LeaseTimeToLive API allows access to key nam...
Photon OS 4.0: Coredns PHSA-2023-4.0-0505
An update of the coredns package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0505. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 5.0: Coredns PHSA-2023-5.0-0135
An update of the coredns package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0135. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 4.0: Calico PHSA-2023-4.0-0427
An update of the calico package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0427. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
RHEL 9 : Red Hat OpenStack Platform 17.0 (etcd) (RHSA-2023:3441)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:3441 advisory. A highly-available key value store for shared configuration Security Fixes: Information discosure via debug function CVE-2021-28235 Key name...
CVE-2023-32082
A flaw was found in etcd. Affected versions of etcd allow a remote, authenticated attacker to use the LeaseTimeToLive API to obtain sensitive information...
CVE-2023-32082 etcd key name can be accessed via LeaseTimeToLive API
etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.26 and 3.5.9, the LeaseTimeToLive API allows access to key names not value associated to a lease when Keys parameter is true, even a user doesn't have read permission to the keys. The impact is limit...
CVE-2023-32082
CVE-2023-32082 affects etcd. The LeaseTimeToLive API (with Keys=true) could expose key names to users who lack read permission, impacting RBAC-enabled clusters. This vulnerability is fixed in etcd versions 3.4.26 and 3.5.9; upgrade to a fixed release (or newer) to remediate. No workarounds are do...
CVE-2023-32082 etcd key name can be accessed via LeaseTimeToLive API
etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.26 and 3.5.9, the LeaseTimeToLive API allows access to key names not value associated to a lease when Keys parameter is true, even a user doesn't have read permission to the keys. The impact is limit...
CVE-2023-32082 affecting package etcd for versions less than 3.5.3-10
CVE-2023-32082 affecting package etcd for versions less than 3.5.3-10. A patched version of the package is available...