Vulnerability Name:

CVE-2018-1099 (CCN-141541)

Assigned:2017-12-04
Published:2018-02-25
Updated:2019-05-06
Summary:DNS rebinding vulnerability found in etcd 3.3.1 and earlier. An attacker can control his DNS records to direct to localhost, and trick the browser into sending requests to localhost (or any other address).
CVSS v3 Severity:5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N)
4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): High
Availibility (A): None
3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
3.2 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-20
Vulnerability Consequences:Data Manipulation
References:Source: MITRE
Type: CNA
CVE-2018-1099

Source: CCN
Type: Red Hat Bugzilla – Bug 1552717
(CVE-2018-1099) CVE-2018-1099 etcd: DNS rebinding vulnerability in etcd server

Source: CONFIRM
Type: Issue Tracking, Patch, Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1552717

Source: XF
Type: UNKNOWN
etcd-cve20181099-dns-hijacking(141541)

Source: CCN
Type: etcd GIT Repository
Mitigate CSRF and DNS Rebinding attacks #9353

Source: CONFIRM
Type: Exploit, Third Party Advisory
https://github.com/coreos/etcd/issues/9353

Source: FEDORA
Type: UNKNOWN
FEDORA-2019-219b0b0b6a

Source: FEDORA
Type: Third Party Advisory
FEDORA-2019-833466697f

Source: CCN
Type: IBM Security Bulletin 6599703 (Db2 On Openshift)
Multiple vulnerabilities affect IBM Db2 On Openshift and IBM Db2 and Db2 Warehouse on Cloud Pak for Data

Source: CCN
Type: IBM Security Bulletin 6958080 (CICS TX Advanced)
CVE-2018-1099, CVE-2018-1098 may affect IBM CICS TX Advanced

Source: CCN
Type: IBM Security Bulletin 6958082 (CICS TX Standard)
CVE-2018-1099, CVE-2018-1098 may affect IBM CICS TX Standard

Source: CCN
Type: IBM Security Bulletin 6991619 (Edge Application Manager)
Open Source Dependency Vulnerability

Vulnerable Configuration:Configuration 1:
  • cpe:/a:redhat:etcd:*:*:*:*:*:*:*:* (Version <= 3.3.1)

    • Configuration 2:
  • cpe:/o:fedoraproject:fedora:30:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:etcd:etcd:3.3.1:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:db2_warehouse:3.5:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2_warehouse:4.0:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2:3.5:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2:4.0:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:cics_tx:11.1:*:*:*:standard:*:*:*
  • OR cpe:/a:ibm:cics_tx:11.1:*:*:*:advanced:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:com.ubuntu.disco:def:201810990000000
    V
    		CVE-2018-1099 on Ubuntu 19.04 (disco) - low.
    2018-04-03
    oval:com.ubuntu.artful:def:20181099000
    V
    		CVE-2018-1099 on Ubuntu 17.10 (artful) - untriaged.
    2018-04-03
    oval:com.ubuntu.cosmic:def:201810990000000
    V
    		CVE-2018-1099 on Ubuntu 18.10 (cosmic) - low.
    2018-04-03
    oval:com.ubuntu.bionic:def:20181099000
    V
    		CVE-2018-1099 on Ubuntu 18.04 LTS (bionic) - low.
    2018-04-03
    oval:com.ubuntu.bionic:def:201810990000000
    V
    		CVE-2018-1099 on Ubuntu 18.04 LTS (bionic) - low.
    2018-04-03
    oval:com.ubuntu.cosmic:def:20181099000
    V
    		CVE-2018-1099 on Ubuntu 18.10 (cosmic) - low.
    2018-04-03
    oval:com.ubuntu.xenial:def:201810990000000
    V
    		CVE-2018-1099 on Ubuntu 16.04 LTS (xenial) - low.
    2018-04-03
    oval:com.ubuntu.xenial:def:20181099000
    V
    		CVE-2018-1099 on Ubuntu 16.04 LTS (xenial) - low.
    2018-04-03
    BACK
    redhat etcd *
    fedoraproject fedora 30
    etcd etcd 3.3.1
    ibm db2 warehouse 3.5 -
    ibm db2 warehouse 4.0 -
    ibm db2 3.5 -
    ibm db2 4.0 -
    ibm cics tx 11.1
    ibm cics tx 11.1