etcd: no authentication is performed against endpoints provided in the --endpoints flag

A flaw was found in etcd. The gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given domain, which occurs in the discoverEndpoints function. No...

AZL-6393 CVE-2020-15136 affecting package etcd for versions less than 3.5.0-3

In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given domain, which occurs in the discoverEndpoints...

UBUNTU-CVE-2020-15136

In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given domain, which occurs in the discoverEndpoints...

PT-2020-14216 · Coreos +1 · Etcd +1

Name of the Vulnerable Software and Affected Versions: etcd versions prior to 3.4.10 etcd versions prior to 3.3.23 Description: The issue concerns the gateway TLS authentication in etcd, which is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication wi...