CVE-2023-32082 - OpenCVE

etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.26 and 3.5.9, the LeaseTimeToLive API allows access to key names (not value) associated to a lease when `Keys` parameter is true, even a user doesn't have read permission to the keys. The impact is limited to a cluster which enables auth (RBAC). Versions 3.4.26 and 3.5.9 fix this issue. There are no known workarounds.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Etcd	Etcd
Redhat	Openstack

Configuration 1 [-]

OR	cpe:2.3:a:etcd:etcd::::::::
	cpe:2.3:a:etcd:etcd::::::::

Package	CPE	Advisory	Released Date
Red Hat OpenStack Platform 17.0
etcd-0:3.4.26-1.el9ost	cpe:/a:redhat:openstack:17.0::el9	RHSA-2023:3441	2023-06-05T00:00:00Z

References

Link	Providers
https://github.com/etcd-io/etcd/blob/main/CHANGELOG/CHANGELOG-3.4.md
https://github.com/etcd-io/etcd/blob/main/CHANGELOG/CHANGELOG-3.5.md
https://github.com/etcd-io/etcd/pull/15656
https://github.com/etcd-io/etcd/security/advisories/GHSA-3p4g-rcw5-8298
https://nvd.nist.gov/vuln/detail/CVE-2023-32082
https://www.cve.org/CVERecord?id=CVE-2023-32082

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-05-11T19:22:56.442Z

Updated: 2024-08-02T15:03:29.172Z

Reserved: 2023-05-01T16:47:35.316Z

Link: CVE-2023-32082

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-05-11T20:15:09.500

Modified: 2023-05-22T18:13:31.550

Link: CVE-2023-32082

Redhat

Severity : Low

Publid Date: 2023-05-11T00:00:00Z

Links: CVE-2023-32082 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-32082", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-05-01T16:47:35.316Z", "datePublished": "2023-05-11T19:22:56.442Z", "dateUpdated": "2024-08-02T15:03:29.172Z"}, "containers": {"cna": {"title": "etcd key name can be accessed via LeaseTimeToLive API", "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "lang": "en", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/etcd-io/etcd/security/advisories/GHSA-3p4g-rcw5-8298", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/etcd-io/etcd/security/advisories/GHSA-3p4g-rcw5-8298"}, {"name": "https://github.com/etcd-io/etcd/pull/15656", "tags": ["x_refsource_MISC"], "url": "https://github.com/etcd-io/etcd/pull/15656"}, {"name": "https://github.com/etcd-io/etcd/blob/main/CHANGELOG/CHANGELOG-3.4.md", "tags": ["x_refsource_MISC"], "url": "https://github.com/etcd-io/etcd/blob/main/CHANGELOG/CHANGELOG-3.4.md"}, {"name": "https://github.com/etcd-io/etcd/blob/main/CHANGELOG/CHANGELOG-3.5.md", "tags": ["x_refsource_MISC"], "url": "https://github.com/etcd-io/etcd/blob/main/CHANGELOG/CHANGELOG-3.5.md"}], "affected": [{"vendor": "etcd-io", "product": "etcd", "versions": [{"version": "< 3.4.26", "status": "affected"}, {"version": ">= 3.5.0, < 3.5.9", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-05-11T19:22:56.442Z"}, "descriptions": [{"lang": "en", "value": "etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.26 and 3.5.9, the LeaseTimeToLive API allows access to key names (not value) associated to a lease when `Keys` parameter is true, even a user doesn't have read permission to the keys. The impact is limited to a cluster which enables auth (RBAC). Versions 3.4.26 and 3.5.9 fix this issue. There are no known workarounds."}], "source": {"advisory": "GHSA-3p4g-rcw5-8298", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T15:03:29.172Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/etcd-io/etcd/security/advisories/GHSA-3p4g-rcw5-8298", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/etcd-io/etcd/security/advisories/GHSA-3p4g-rcw5-8298"}, {"name": "https://github.com/etcd-io/etcd/pull/15656", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/etcd-io/etcd/pull/15656"}, {"name": "https://github.com/etcd-io/etcd/blob/main/CHANGELOG/CHANGELOG-3.4.md", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/etcd-io/etcd/blob/main/CHANGELOG/CHANGELOG-3.4.md"}, {"name": "https://github.com/etcd-io/etcd/blob/main/CHANGELOG/CHANGELOG-3.5.md", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/etcd-io/etcd/blob/main/CHANGELOG/CHANGELOG-3.5.md"}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:etcd:etcd:*:*:*:*:*:*:*:*", "matchCriteriaId": "5E56D7E0-3AF4-4551-94A4-EA54EEA5481D", "versionEndExcluding": "3.4.26", "vulnerable": true}, {"criteria": "cpe:2.3:a:etcd:etcd:*:*:*:*:*:*:*:*", "matchCriteriaId": "9AEA3B67-BE9A-4473-9183-2682BED35728", "versionEndExcluding": "3.5.9", "versionStartIncluding": "3.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.26 and 3.5.9, the LeaseTimeToLive API allows access to key names (not value) associated to a lease when `Keys` parameter is true, even a user doesn't have read permission to the keys. The impact is limited to a cluster which enables auth (RBAC). Versions 3.4.26 and 3.5.9 fix this issue. There are no known workarounds."}], "id": "CVE-2023-32082", "lastModified": "2023-05-22T18:13:31.550", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2023-05-11T20:15:09.500", "references": [{"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/etcd-io/etcd/blob/main/CHANGELOG/CHANGELOG-3.4.md"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/etcd-io/etcd/blob/main/CHANGELOG/CHANGELOG-3.5.md"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/etcd-io/etcd/pull/15656"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/etcd-io/etcd/security/advisories/GHSA-3p4g-rcw5-8298"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-200"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2023:3441", "cpe": "cpe:/a:redhat:openstack:17.0::el9", "package": "etcd-0:3.4.26-1.el9ost", "product_name": "Red Hat OpenStack Platform 17.0", "release_date": "2023-06-05T00:00:00Z"}], "bugzilla": {"description": "etcd: Key name can be accessed via LeaseTimeToLive API", "id": "2208131", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208131"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.1", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "status": "verified"}, "cwe": "CWE-200", "details": ["etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.26 and 3.5.9, the LeaseTimeToLive API allows access to key names (not value) associated to a lease when `Keys` parameter is true, even a user doesn't have read permission to the keys. The impact is limited to a cluster which enables auth (RBAC). Versions 3.4.26 and 3.5.9 fix this issue. There are no known workarounds.", "A flaw was found in etcd. Affected versions of etcd allow a remote, authenticated attacker to use the LeaseTimeToLive API to obtain sensitive information."], "name": "CVE-2023-32082", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "etcd", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "etcd3", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-etcd", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openstack:16.1", "fix_state": "Will not fix", "package_name": "etcd", "product_name": "Red Hat OpenStack Platform 16.1"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Will not fix", "package_name": "etcd", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:storage:3", "fix_state": "Affected", "package_name": "etcd", "product_name": "Red Hat Storage 3"}], "public_date": "2023-05-11T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-32082\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-32082"], "threat_severity": "Low", "upstream_fix": "etcd 3.4.26, etcd 3.5.9"}