Download
| Alert*
|
oval:org.secpod.oval:def:116561
A highly-available key value store for shared configuration. oval:org.secpod.oval:def:1901872 etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control is used and client-cert-auth is enabled. If an etcd client server TLS certificate contains a Common Name which matches a valid RBAC username a remote attacker ... oval:org.secpod.oval:def:503133 The etcd packages provide a highly available key-value store for shared configuration. The following packages have been upgraded to a later upstream version: etcd . Security Fix: * etcd: Improper Authentication in auth/store.go:AuthInfoFromTLS via gRPC-gateway For more details about the security i ... |
