CVE-2018-16886 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2018-16886 Interim 1 21 2025-08-14T02:27:03Z current 2021-05-30T14:17:01Z 2025-08-14T02:27:03Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2018-16886 etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd client server TLS certificate contains a Common Name (CN) which matches a valid RBAC username, a remote attacker may authenticate as that user with any valid (trusted) client certificate in a REST API request to the gRPC-gateway. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2019-February/005103.html E-Mail link for SUSE-SU-2019:0330-1 https://lists.suse.com/pipermail/sle-updates/2024-October/037265.html E-Mail link for SUSE-SU-2024:3656-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings Container containers/milvus:2.4.6-6.1 Magnum Orchestration 7 SUSE CaaS Platform 3.0 SUSE Container as a Service Platform 2.0 openSUSE Leap 15.5 openSUSE Leap 15.6 openSUSE Tumbleweed etcd etcd-3.3.11-3.6.1 etcd-3.4.16-3.1 etcd-3.5.12-150000.7.6.1 etcdctl-3.3.11-3.6.1 etcdctl-3.4.16-3.1 etcdctl-3.5.12-150000.7.6.1 etcd-3.5.12-150000.7.6.1 as a component of Container containers/milvus:2.4.6-6.1 etcd-3.3.11-3.6.1 as a component of SUSE CaaS Platform 3.0 etcdctl-3.3.11-3.6.1 as a component of SUSE CaaS Platform 3.0 etcd-3.5.12-150000.7.6.1 as a component of openSUSE Leap 15.5 etcdctl-3.5.12-150000.7.6.1 as a component of openSUSE Leap 15.5 etcd-3.5.12-150000.7.6.1 as a component of openSUSE Leap 15.6 etcdctl-3.5.12-150000.7.6.1 as a component of openSUSE Leap 15.6 etcd-3.4.16-3.1 as a component of openSUSE Tumbleweed etcdctl-3.4.16-3.1 as a component of openSUSE Tumbleweed etcd as a component of Magnum Orchestration 7 etcd as a component of SUSE Container as a Service Platform 2.0 etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd client server TLS certificate contains a Common Name (CN) which matches a valid RBAC username, a remote attacker may authenticate as that user with any valid (trusted) client certificate in a REST API request to the gRPC-gateway. CVE-2018-16886 Container containers/milvus:2.4.6-6.1:etcd-3.5.12-150000.7.6.1 SUSE CaaS Platform 3.0:etcd-3.3.11-3.6.1 SUSE CaaS Platform 3.0:etcdctl-3.3.11-3.6.1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP7:etcd-3.5.12-150000.7.6.1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP7:etcdctl-3.5.12-150000.7.6.1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP7:etcdutl-3.5.12-150000.7.6.1 openSUSE Leap 15.5:etcd-3.5.12-150000.7.6.1 openSUSE Leap 15.5:etcdctl-3.5.12-150000.7.6.1 openSUSE Leap 15.6:etcd-3.5.12-150000.7.6.1 openSUSE Leap 15.6:etcdctl-3.5.12-150000.7.6.1 openSUSE Tumbleweed:etcd-3.4.16-3.1 openSUSE Tumbleweed:etcdctl-3.4.16-3.1 Magnum Orchestration 7:etcd SUSE Container as a Service Platform 2.0:etcd moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P 6.8 CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N