DNS Rebinding Vulnerability in etcd 3.3.1 and Earlier: Exploiting Browser Requests to Localhost

DNS Rebinding Vulnerability in etcd 3.3.1 and Earlier: Exploiting Browser Requests to Localhost

CVE-2018-1099 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:P/A:N

DNS rebinding vulnerability found in etcd 3.3.1 and earlier. An attacker can control his DNS records to direct to localhost, and trick the browser into sending requests to localhost (or any other address).

Learn more about our Cis Benchmark Audit For Bind.