CVE-2018-1099 - AskarLabs CVE Database

CVE-2018-1099

Vendor Red Hat, Inc.

Product etcd

Weakness CWE-20 · Input validation

Published April 3, 2018

Last update September 17, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

DNS rebinding vulnerability found in etcd 3.3.1 and earlier. An attacker can control his DNS records to direct to localhost, and trick the browser into sending requests to localhost (or any other address).

Key dates

02Disclosure timeline

April 3, 2018 CVE published

September 17, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2018-1099 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/20.html

Related vulnerabilities

04Related CVE

CVE-2021-22678 CVE-2026-47931 ColdFusion | Improper Input Validation (CWE-20) CVE-2023-44355 ColdFusion | Improper Input Validation (CWE-20) CVE-2018-15430 Cisco Expressway Series and Cisco TelePresence Video Communication Server Remote Code Execution Vulnerability CVE-2024-41120 streamlit-geospatial blind SSRF in pages/9_🔲_Vector_Data_Visualization.py