Vulnerability Details CVE-2020-15136
In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given domain, which occurs in the discoverEndpoints function. No authentication is performed against endpoints provided in the --endpoints flag. This has been fixed in versions 3.4.10 and 3.3.23 with improved documentation and deprecation of the functionality.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.4%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 5.8
References
- https://github.com/etcd-io/etcd/blob/master/Documentation/op-guide/gateway.md
- https://github.com/etcd-io/etcd/security/advisories/GHSA-wr2v-9rpq-c35q
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L6B6R43Y7M3DCHWK3L3UVGE2K6WWECMP/
- https://github.com/etcd-io/etcd/blob/master/Documentation/op-guide/gateway.md
- https://github.com/etcd-io/etcd/security/advisories/GHSA-wr2v-9rpq-c35q
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L6B6R43Y7M3DCHWK3L3UVGE2K6WWECMP/
Products affected by CVE-2020-15136
-
cpe:2.3:a:redhat:etcd:3.3.0
-
cpe:2.3:a:redhat:etcd:3.3.1
-
cpe:2.3:a:redhat:etcd:3.3.10
-
cpe:2.3:a:redhat:etcd:3.3.11
-
cpe:2.3:a:redhat:etcd:3.3.12
-
cpe:2.3:a:redhat:etcd:3.3.13
-
cpe:2.3:a:redhat:etcd:3.3.15
-
cpe:2.3:a:redhat:etcd:3.3.2
-
cpe:2.3:a:redhat:etcd:3.3.3
-
cpe:2.3:a:redhat:etcd:3.3.4
-
cpe:2.3:a:redhat:etcd:3.3.5
-
cpe:2.3:a:redhat:etcd:3.3.6
-
cpe:2.3:a:redhat:etcd:3.3.7
-
cpe:2.3:a:redhat:etcd:3.3.8
-
cpe:2.3:a:redhat:etcd:3.3.9
-
cpe:2.3:a:redhat:etcd:3.4.0
-
cpe:2.3:o:fedoraproject:fedora:32