CVE-2018-1099 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2018-1099 Interim 1 6 2023-02-10T02:01:01Z current 2021-05-30T14:06:52Z 2023-02-10T02:01:01Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2018-1099 DNS rebinding vulnerability found in etcd 3.3.1 and earlier. An attacker can control his DNS records to direct to localhost, and trick the browser into sending requests to localhost (or any other address). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Container as a Service Platform 2.0 etcd etcd as a component of SUSE Container as a Service Platform 2.0 DNS rebinding vulnerability found in etcd 3.3.1 and earlier. An attacker can control his DNS records to direct to localhost, and trick the browser into sending requests to localhost (or any other address). CVE-2018-1099 SUSE Container as a Service Platform 2.0:etcd low 2.1 AV:L/AC:L/Au:N/C:N/I:P/A:N 3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N