PT-2018-2974 · Coreos+2 · Etcd+2

Matt Wheeler +1

Published 2018-11-19 · Updated 2024-10-16

CVE-2018-16886

CVSS v2.0 9.3 High
Vector AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
etcd versions 3.2.x through 3.2.25
etcd versions 3.3.x through 3.3.10
Description
The issue is an improper authentication flaw that appears when role-based access control (RBAC) is in use and client-cert-auth is enabled. In that configuration etcd accepts the Common Name (CN) of a trusted client certificate as the authenticated username. If the TLS certificate etcd uses on its client-facing (client-to-server) endpoint carries a CN that matches a valid RBAC username, a remote attacker who holds any client certificate trusted by etcd can send a REST API request through the gRPC-gateway and is authenticated as that user, without presenting that user's password or token. This gives unauthorized access to data protected by RBAC; the CVSS vector above rates the confidentiality, integrity and availability impact as complete.
Recommendations
For etcd 3.2.x through 3.2.25, update to 3.2.26 or later. For etcd 3.3.x through 3.3.10, update to 3.3.11 or later. Fixed releases exist, so updating is the primary remedy. If you cannot update immediately, disable client-cert-auth so that CN-based authentication is not used and every client must authenticate with a password or token; note that this also turns off mutual TLS for all etcd clients, so pair it with network controls. Restrict network access to the gRPC-gateway (the HTTP/JSON REST endpoint of the v3 API) to trusted hosts only. Make sure that no certificate involved in client-to-server TLS, in particular the one etcd presents to clients, has a CN equal to an RBAC username: compare the subject shown by openssl x509 -in <cert> -noout -subject with the output of etcdctl user list, and reissue the certificate if they collide.

Weakness Enumeration

Improper Authentication
Improper Authorization

Related Identifiers

ALT-PU-2020-1882
ALT-PU-2020-2176
BDU:2019-02944
CVE-2018-16886
GHSA-H6XX-PMXH-3WGP
GO-2021-0077
OPENSUSE-SU-2024:10741-1
OPENSUSE-SU-2024_3656-1
RHSA-2019:1352
SUSE-SU-2024:3656-1

Affected Products

Alt Linux
Suse
Etcd