794 matches found

OSV
added 2019/01/14 7:29 p.m. · 0 views

UBUNTU-CVE-2018-16886

etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd client server TLS certificate contains a Common Name (CN) which matches a valid RBAC username, a remot...

CVSS 8.1 · AI score 7 · EPSS 0.00486
Exploits 0 · References 9
OSV
added 2019/01/14 7:29 p.m. · 22 views

CVE-2018-16886

etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd client server TLS certificate contains a Common Name (CN) which matches a valid RBAC username, a remot...

CVSS 8.1 · AI score 6.9 · EPSS 0.00486
Exploits 0 · References 8
OSV
added 2019/01/14 7:29 p.m. · 1 views

DEBIAN-CVE-2018-16886

etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd client server TLS certificate contains a Common Name (CN) which matches a valid RBAC username, a remot...

CVSS 8.1 · AI score 9.5 · EPSS 0.00486
Exploits 0 · References 1
UbuntuCve
added 2019/01/14 7:29 p.m. · 43 views

CVE-2018-16886

etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd client server TLS certificate contains a Common Name (CN) which matches a valid RBAC username, a remot...

CVSS 8.1 · AI score 6.9 · EPSS 0.00486
Exploits 0 · References 8
Cvelist
added 2019/01/14 7:0 p.m. · 17 views

CVE-2018-16886

etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd client server TLS certificate contains a Common Name (CN) which matches a valid RBAC username, a remot...

CVSS 6.8 · AI score 8 · EPSS 0.00486
Exploits 0 · References 8
CVE
added 2019/01/14 7:0 p.m. · 330 views

CVE-2018-16886

CVE-2018-16886 affects etcd 3.2.x before 3.2.26 and 3.3.x before 3.3.11. The vulnerability is an improper authentication issue when RBAC is enabled and client-cert-auth is used; if an etcd TLS certificate CN matches a valid RBAC username, a remote attacker could authenticate as that user using an...

CVSS 8.1 · AI score 7.9 · EPSS 0.00486
Exploits 0 · References 8 · Affected Software 1
Debian CVE
added 2019/01/14 7:0 p.m. · 25 views

CVE-2018-16886

etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd client server TLS certificate contains a Common Name (CN) which matches a valid RBAC username, a remot...

CVSS 8.1 · AI score 7 · EPSS 0.00486
Exploits 0
Tenable Nessus
added 2018/12/04 12:0 a.m. · 24 views

RHEL 7 : kubernetes (RHSA-2015:1945)

Updated kubernetes packages that fix one security issue are now available for Red Hat OpenShift Enterprise 3.0. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 6.4 · AI score 8.2 · EPSS 0.00283
Exploits 0 · References 3
Tenable Nessus
added 2018/12/04 12:0 a.m. · 31 views

RHEL 7 : atomic-openshift-utils (RHSA-2016:2778)

The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:2778 advisory. Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud...

CVSS 9.1 · AI score 8.5 · EPSS 0.00456
Exploits 0 · References 17
Positive Technologies
added 2018/11/19 12:0 a.m. · 3 views

PT-2018-2974 · Coreos +2 · Etcd +2

Name of the Vulnerable Software and Affected Versions: etcd versions 3.2.x through 3.2.25; etcd versions 3.3.x through 3.3.10. Description: The issue concerns an improper authentication problem when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd client server TLS...

CVSS 9.8 · AI score 6.8 · EPSS 0.56804
Exploits 5 · References 109
RedHat Linux
added 2018/06/27 6:1 p.m. · 3 views

openshift-ansible: Incorrectly quoted values in etcd.conf causes disabling of SSL client certificate authentication

OpenShift and Atomic Enterprise Ansible deploys a misconfigured etcd file that causes the SSL client certificate authentication to be disabled. Quotations around the values of ETCD_CLIENT_CERT_AUTH and ETCD_PEER_CLIENT_CERT_AUTH in etcd.conf result in etcd being configured to allow remote users to conne...

CVSS 10 · AI score 5.8 · EPSS 0.01403
Exploits 0 · References 4
OSV
added 2018/06/15 1:29 p.m. · 0 views

CVE-2018-1085

openshift-ansible before versions 3.9.23, 3.7.46 deploys a misconfigured etcd file that causes the SSL client certificate authentication to be disabled. Quotations around the values of ETCD_CLIENT_CERT_AUTH and ETCD_PEER_CLIENT_CERT_AUTH in etcd.conf result in etcd being configured to allow remote users...

CVSS 9.8 · AI score 5.8 · EPSS 0.01403
Exploits 0 · References 2
NVD
added 2018/06/15 1:29 p.m. · 16 views

CVE-2018-1085

openshift-ansible before versions 3.9.23, 3.7.46 deploys a misconfigured etcd file that causes the SSL client certificate authentication to be disabled. Quotations around the values of ETCD_CLIENT_CERT_AUTH and ETCD_PEER_CLIENT_CERT_AUTH in etcd.conf result in etcd being configured to allow remote users...

CVSS 10 · AI score 9.1 · EPSS 0.01403
Exploits 0 · References 2
Prion
added 2018/06/15 1:29 p.m. · 16 views

Design/Logic Flaw

openshift-ansible before versions 3.9.23, 3.7.46 deploys a misconfigured etcd file that causes the SSL client certificate authentication to be disabled. Quotations around the values of ETCD_CLIENT_CERT_AUTH and ETCD_PEER_CLIENT_CERT_AUTH in etcd.conf result in etcd being configured to allow remote users...

CVSS 10 · AI score 9.3 · EPSS 0.01403
Exploits 0 · References 2 · Affected Software 1
Cvelist
added 2018/06/15 1:0 p.m. · 17 views

CVE-2018-1085

openshift-ansible before versions 3.9.23, 3.7.46 deploys a misconfigured etcd file that causes the SSL client certificate authentication to be disabled. Quotations around the values of ETCD_CLIENT_CERT_AUTH and ETCD_PEER_CLIENT_CERT_AUTH in etcd.conf result in etcd being configured to allow remote users...

CVSS 9 · AI score 9.4 · EPSS 0.01403
Exploits 0 · References 2
CVE
added 2018/06/15 1:0 p.m. · 79 views

CVE-2018-1085

CVE-2018-1085 affects OpenShift OpenShift-ansible deployments: OpenShift Ansible before 3.9.23 and 3.7.46 deploys etcd with a misconfigured etcd.conf where ETCD_CLIENT_CERT_AUTH and ETCD_PEER_CLIENT_CERT_AUTH values are quoted, causing SSL client certificate authentication to be disabled. This en...

CVSS 10 · AI score 9.3 · EPSS 0.01403
Exploits 0 · References 2 · Affected Software 1
Veracode
added 2018/04/30 7:1 a.m. · 29 views

Cross-site Request Forgery (CSRF)

github.com/coreos/etcd is vulnerable to cross-site request forgery (CSRF) attacks. The vulnerability exists as there are no host whitelists in place to prevent unauthorized websites from sending unauthorized POST requests to the etcd server...

CVSS 8.8 · AI score 8.4 · EPSS 0.00262
Exploits 1 · References 6 · Affected Software 2
Veracode
added 2018/04/27 8:12 a.m. · 25 views

DNS Rebinding

github.com/coreos/etcd is vulnerable to DNS rebinding. The vulnerability exists because it does not prevent an attacker from using their DNS records to point to localhost and trick the browser into sending requests to localhost or any other address...

CVSS 5.5 · AI score 5.7 · EPSS 0.00067
Exploits 1 · References 7 · Affected Software 2
Metasploit
added 2018/04/04 5:54 p.m. · 32 views

Etcd Version Scanner

This module connects to etcd API endpoints, typically on 2379/TCP, and attempts to obtain the version of etcd. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Etcd Version Scanner',...

AI score 0.4
Exploits 0
NVD
added 2018/04/03 4:29 p.m. · 14 views

CVE-2018-1098

A cross-site request forgery flaw was found in etcd 3.3.1 and earlier. An attacker can set up a website that tries to send a POST request to the etcd server and modify a key. Adding a key is done with PUT so it is theoretically safe (can't PUT from an HTML form or such) but POST allows creating...

CVSS 8.8 · AI score 8.6 · EPSS 0.00262
Exploits 1 · References 4