Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
No minimum password length in etcd
Vulnerability Description
etcd before versions 3.3.23 and 3.4.10 does not perform any password length validation, which allows for very short passwords, such as those with a length of one. This may allow an attacker to guess or brute-force users' passwords with little computational effort.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Vulnerability Type
弱口令要求
Vulnerability Title
etcd 安全漏洞
Vulnerability Description
etcd是一套使用Go语言编写的用于分布式系统的键值存储系统。 etcd 3.3.23之前版本和3.4.10之前版本中存在安全漏洞,该漏洞源于程序没有进行任何的密码长度验证。攻击者可利用该漏洞对用户密码实施暴力破解攻击。
CVSS Information
N/A
Vulnerability Type
N/A