CVE-2020-15136 — Etcd Gateway TLS authentication only applies to endpoints detected in DNS SRV re

Description

In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given domain, which occurs in the discoverEndpoints function. No authentication is performed against endpoints provided in the --endpoints flag. This has been fixed in versions 3.4.10 and 3.3.23 with improved documentation and deprecation of the functionality.

How to fix CVE-2020-15136

To remediate CVE-2020-15136, upgrade the affected package to a fixed version below.

—upgrade to 3.3.25+dfsg-5 or later
—upgrade to 3.4.10 or later

Is CVE-2020-15136 being exploited?

Low — EPSS is 0.3%, meaning exploitation activity has not been observed at scale.

Affected packages (2)

from 0, < 3.3.25+dfsg-5
>= 3.4.0-rc.0, < 3.4.10

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM6.5	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N

References (5)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2020-15136
ADVISORYsecurity-tracker.debian.org/tracker/CVE-2020-15136
WEBgithub.com/etcd-io/etcd/blob/master/Documentation/op-guide/gateway.md
WEBgithub.com/etcd-io/etcd/security/advisories/GHSA-wr2v-9rpq-c35q