CVE-2020-15115
Published
CVSS v3
5.8
MEDIUM
CVSS v2
5
MEDIUM
Affected
1
PROJECT
Description
etcd before versions 3.3.23 and 3.4.10 does not perform any password length validation, which allows for very short passwords, such as those with a length of one. This may allow an attacker to guess or brute-force users' passwords with little computational effort.
Distributed reliable key-value store for the most critical data of a distributed system
GitHub