Etcd-Io · Etcd-Io · CVE-2021-28235
**Name of the Vulnerable Software and Affected Versions**
Etcd-io version 3.4.10
**Description**
The issue is related to an authentication vulnerability that can be exploited by sending an authentication request to the etcdserver with a username and password, potentially allowing a remote attacker to escalate privileges. This vulnerability can be exploited via the debug function.
**Recommendations**
For Etcd-io version 3.4.10, update to version 3.5.8 or apply the backported fix to version 3.4 to resolve the issue. As a temporary workaround, consider disabling the debug function until a patch is available.