Miggo Logo

CVE-2020-15136: Etcd Gateway TLS authentication only applies to endpoints detected in DNS SRV records

6.5

CVSS Score
3.1

Basic Information

EPSS Score
0.39367%
Published
1/31/2024
Updated
1/31/2024
KEV Status
No
Technology
TechnologyGo

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
go.etcd.io/etcdgo>= 3.4.0-rc.0, <= 3.4.93.4.10
go.etcd.io/etcdgo< 3.3.233.3.23

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability arises because TLS authentication is only applied to endpoints discovered via DNS SRV records in the discoverEndpoints function, while endpoints provided via --endpoints are not authenticated. However, the provided information does not include specific code changes or function names related to processing the --endpoints flag. Without the actual patch details or code snippets, it's impossible to definitively identify the exact vulnerable functions that handle the --endpoints input without authentication. The discoverEndpoints function itself implements correct authentication but is not the source of vulnerability; the issue lies in the code path that processes --endpoints without invoking proper authentication checks, which isn't explicitly named in the available data.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

### Vuln*r**ility typ* *rypto*r*p*y ### Work*roun*s R***r to t** [**t*w*y *o*um*nt*tion](*ttps://*it*u*.*om/*t**-io/*t**/*lo*/m*st*r/*o*um*nt*tion/op-*ui**/**t*w*y.m*). T** vuln*r**ility w*s spott** *u* to un*l**r *o*um*nt*tion o* *ow t** **t*w*y **

Reasoning

T** vuln*r**ility *ris*s ****us* TLS *ut**nti**tion is only *ppli** to *n*points *is*ov*r** vi* *NS SRV r**or*s in t** `*is*ov*r*n*points` *un*tion, w*il* *n*points provi*** vi* --*n*points *r* not *ut**nti**t**. *ow*v*r, t** provi*** in*orm*tion *o*