Home / Early Warning / Vulnerabilidades / CVE-2020-15112

CVE-2020-15112

Type: 
Input Validation
Severity: 
Medium
Publication date: 
08/05/2020
Last modified: 
08/10/2020
Description
In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater then the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime panic when reading the entry.
Impact
Access Vector: Through network
Access Complexity: Low
Authentication: Requires a single instance to exploit
Impact Type: No impact on system integrity + No impact on system confidentiality + Partially affects on system availability
Vulnerable software and versions
  • cpe:2.3:a:etcd:etcd:*:*:*:*:*:*:*:*
To consult the complete list of products and versions see this page
References to Advisories, Solutions, and Tools
Explanation of fields