2020-08-06 21:55:12
GitHub_M
PUBLISHED
etcd before versions 3.3.23 and 3.4.10 does not perform any password length validation, which allows for very short passwords, such as those with a length of one. This may allow an attacker to guess or brute-force users passwords with little computational effort.