CVE-2018-16886 — HIGH (8.1)

Q: How severe is CVE-2018-16886?

CVE-2018-16886 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2018-16886?

Check the references section above for vendor advisories and patch information. Affected products include: Etcd Etcd, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Server, Redhat Enterprise Linux Workstation, Fedoraproject Fedora.

Vulnerability Description

etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd client server TLS certificate contains a Common Name (CN) which matches a valid RBAC username, a remote attacker may authenticate as that user with any valid (trusted) client certificate in a REST API request to the gRPC-gateway.

CVSS Score

8.1

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Etcd	Etcd	>= 3.2.0, < 3.2.26
Redhat	Enterprise Linux Desktop	7.0
Redhat	Enterprise Linux Server	7.0
Redhat	Enterprise Linux Workstation	7.0
Fedoraproject	Fedora	30

Related Weaknesses (CWE)

CWE-287

References

http://www.securityfocus.com/bid/106540Third Party AdvisoryVDB Entry
https://access.redhat.com/errata/RHSA-2019:0237Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:1352Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16886Issue TrackingPatchThird Party Advisory
https://github.com/etcd-io/etcd/blob/1eee465a43720d713bb69f7b7f5e120135fdb1ac/CHRelease Notes
https://github.com/etcd-io/etcd/blob/1eee465a43720d713bb69f7b7f5e120135fdb1ac/CHRelease Notes
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
http://www.securityfocus.com/bid/106540Third Party AdvisoryVDB Entry
https://access.redhat.com/errata/RHSA-2019:0237Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:1352Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16886Issue TrackingPatchThird Party Advisory
https://github.com/etcd-io/etcd/blob/1eee465a43720d713bb69f7b7f5e120135fdb1ac/CHRelease Notes
https://github.com/etcd-io/etcd/blob/1eee465a43720d713bb69f7b7f5e120135fdb1ac/CHRelease Notes
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro

FAQ

What is CVE-2018-16886?

CVE-2018-16886 is a vulnerability with a CVSS score of 8.1 (HIGH). etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd c...

How severe is CVE-2018-16886?

CVE-2018-16886 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-16886?

Check the references section above for vendor advisories and patch information. Affected products include: Etcd Etcd, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Server, Redhat Enterprise Linux Workstation, Fedoraproject Fedora.