Every CVE whose affected-product data names Redhat Etcd, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2018-1098 — CVSS 8.8 (high): A cross-site request forgery flaw was found in etcd 3.3.1 and earlier. An attacker can set up a website that tries to send a POST request…
CVE-2020-15114 — CVSS 7.7 (high): In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for basic service discovery and access. However…
CVE-2020-15136 — CVSS 6.5 (medium): In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When…
CVE-2020-15115 — CVSS 5.8 (medium): etcd before versions 3.3.23 and 3.4.10 does not perform any password length validation, which allows for very short passwords, such as…
CVE-2018-1099 — CVSS 5.5 (medium): DNS rebinding vulnerability found in etcd 3.3.1 and earlier. An attacker can control his DNS records to direct to localhost, and trick the…