PT-2018-10228 · Coreos+3 · Etcd+3

Zelivans

Publicado

2018-04-03

Atualizado

2022-02-15

CVE-2018-1099

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions etcd versions 3.3.1 and earlier

Description A DNS rebinding issue allows an attacker to control DNS records, directing them to localhost and tricking the browser into sending requests to localhost or any other address.

Recommendations For etcd versions 3.3.1 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20CWE-350

Identificadores relacionados

ALT-PU-2020-1882

ALT-PU-2020-2176

CVE-2018-1099

GHSA-WF43-55JJ-VWQ8

Produtos afetados

Alt Linux

Astra Linux

Debian

Etcd

PT-2018-10228 · Coreos+3 · Etcd+3

CVE-2018-1099

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 27