CVE-2018-1099
CVE-2018-1099
DNS rebinding vulnerability found in etcd 3.3.1 and earlier. An attacker can control his DNS records to direct to localhost, and trick the browser into sending requests to localhost (or any other address).
Affected products
Red Hat, Inc. · etcdWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://bugzilla.redhat.com/show_bug.cgi?id=1552717https://github.com/coreos/etcd/issues/9353https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JX7QTIT465BQGRGNCE74RATRQLKT2QE4/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UPGYHMSKDPW5GAMI7BEP3XQRVRLLBJKS/