Improper Authentication in etcd Affected by Role-Based Access Control
CVE-2018-16886

6.8MEDIUM

Key Information:

Status
Vendor
CVE Published:
14 January 2019

What is CVE-2018-16886?

The vulnerability in etcd arises from an improper authentication mechanism when role-based access control (RBAC) is implemented alongside client-cert-auth. If an etcd client server's TLS certificate has a Common Name (CN) that corresponds to a valid RBAC username, an attacker could exploit this weakness. By using any valid, trusted client certificate in a REST API request to the gRPC-gateway, the attacker might authenticate as the legitimate user associated with that CN, potentially compromising sensitive data and system integrity.

Affected Version(s)

etcd: versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11

References

CVSS V3.1

Score:
6.8
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

CVSS V3.0

Score:
6.8
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.