AZL-26139

See a problem?
Import Source
https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-26139.json
JSON Data
https://api.test.osv.dev/v1/vulns/AZL-26139
Upstream
Published
2023-04-04T15:15:08Z
Modified
2026-04-01T05:08:14.721231Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
CVE-2021-28235 affecting package etcd for versions less than 3.5.4-6
Details

Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug function.

References

Affected packages

Azure Linux:2 / etcd

Package

Name
etcd
Purl
pkg:rpm/azure-linux/etcd

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.5.4-6

Database specific

source 
"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-26139.json"