{ "Name": "CoreOS ETCD API Unauthorized Access", "Description": "ETCD is an open source project initiated by CoreOS. ETCD is a distributed, consistent key-value storage system for shared configuration and service discovery. The CoreOS ETCD cluster API has an unauthorized access vulnerability. ETCD is used as the Kubernetes backing store for all cluster data, so this vulnerability may reveal a large amount of sensitive information.", "Product": "CoreOS etcd", "Homepage": "https://coreos.com/etcd/", "DisclosureDate": "2021-06-09", "Author": "atdpa4sw0rd@gmail.com", "GobyQuery": "protocol=\"etcd\"", "Level": "3", "Impact": "
Attackers can obtain AWS keys, API keys, and sensitive information about a range of services, and use the obtained keys to control the cluster for further attacks, seriously threatening the user's data security.
1. Enable authentication as described in the official authentication document: https://github.com/etcd-io/etcd/blob/master/Documentation/v2/authentication.md. The password should preferably contain uppercase and lowercase letters, numbers and special characters, and be longer than 8 characters.
2. Unless it is necessary, do not expose the service to the public network.
3. Set access policies and whitelist access through security devices such as firewalls.
", "References": [ "https://elweb.co/the-security-footgun-in-etcd/" ], "HasExp": true, "ExpParams": null, "ExpTips": { "Type": "", "Content": "" }, "ScanSteps": null, "ExploitSteps": null, "Tags": [ "Disclosure of Sensitive Information" ], "CVEIDs": null, "CVSSScore": "0.0", "AttackSurfaces": { "Application": null, "Support": null, "Service": null, "System": null, "Hardware": null } }