Explore top 10 tips to secure your open-source projects now. Read More
×
etcd could be made to expose sensitive information over the
network.
Software Description:
- etcd: highly-available key value store -- client
Details:
It was discovered that etcd leaked credentials when debugging
was enabled. This allowed remote attackers to discover etcd
authentication credentials and possibly escalate privileges on
systems using etcd.
The problem can be corrected by updating your system to the following package versions: Ubuntu 23.04: etcd-client 3.4.23-4ubuntu0.1 etcd-server 3.4.23-4ubuntu0.1 Ubuntu 22.10: etcd-client 3.3.25+dfsg-7ubuntu0.22.10.2 etcd-server 3.3.25+dfsg-7ubuntu0.22.10.2 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-6189-1
CVE-2021-28235
Get the latest Linux and open source security news straight to your inbox.