5.3

CVSS Score

3.1

Basic Information

CVE ID

CVE-2020-15112

GHSA ID

GHSA-m332-53r6-2w93

EPSS Score

0.29048%

CWE

CWE-20

Published

10/6/2022

Updated

2/15/2023

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2020-15112

CVE-2020-15112: etcd's WAL `ReadAll` method vulnerable to an entry with large index causing panic

Vulnerability type

Data Validation

Detail

In the ReadAll method in wal/wal.go, it is possible to have an entry index greater then the number of entries. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime panic when reading the entry.

References

Find out more on this vulnerability in the security audit report

For more information

If you have any questions or comments about this advisory:

Contact the etcd security committee

(GitHub Advisory)

5.3

CVSS Score

3.1

Basic Information

CVE ID

CVE-2020-15112

GHSA ID

GHSA-m332-53r6-2w93

EPSS Score

0.29048%

CWE

CWE-20

Published

10/6/2022

Updated

2/15/2023

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
go.etcd.io/etcd/v3	go	< 3.3.23	3.3.23
go.etcd.io/etcd/v3	go	>= 3.4.0, < 3.4.10	3.4.10

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from improper validation of array indices in WAL.ReadAll. The original code appended entries using a slice operation dependent on untrusted index values from WAL files. The patch added bounds checking (up > uint64(len(ents))) to prevent out-of-range accesses. The CWE-129 (Improper Validation of Array Index) and commit diff modifications to wal/wal.go's ReadAll method confirm this was the vulnerable function.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

### Vuln*r**ility typ* **t* V*li**tion ### **t*il In t** R****ll m*t*o* in w*l/w*l.*o, it is possi*l* to **v* *n *ntry in**x *r**t*r t**n t** num**r o* *ntri*s. T*is *oul* **us* issu*s w**n W*L *ntri*s *r* **in* r*** *urin* *ons*nsus *s *n *r*itr*ry

Reasoning

T** vuln*r**ility st*ms *rom improp*r `v*li**tion` o* *rr*y in*i**s in `W*L.R****ll`. T** ori*in*l *o** *pp*n*** *ntri*s usin* * sli** op*r*tion **p*n**nt on untrust** in**x v*lu*s *rom `W*L` *il*s. T** p*t** ***** *oun*s ****kin* (`up > uint**(l*n(*

5.3

Basic Information

Concerned about an active attack path?

CVE-2020-15112: etcd's WAL `ReadAll` method vulnerable to an entry with large index causing panic

Vulnerability type

Detail

References

For more information

5.3

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI