<Vulnerability name="CVE-2026-59818">
    <DocumentDistribution xml:lang="en">Copyright © 2012 Red Hat, Inc. All rights reserved.</DocumentDistribution>
    <ThreatSeverity>Moderate</ThreatSeverity>
    <PublicDate>2026-07-08T21:00:18</PublicDate>
    <Bugzilla id="2498305" url="https://bugzilla.redhat.com/show_bug.cgi?id=2498305" xml:lang="en:us">
etcd: etcd: Authentication bypass due to improper Certificate Revocation List enforcement on gRPC listener
    </Bugzilla>
    <CVSS3 status="draft">
        <CVSS3BaseScore>6.5</CVSS3BaseScore>
        <CVSS3ScoringVector>CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N</CVSS3ScoringVector>
    </CVSS3>
    <CWE>CWE-295</CWE>
    <Details xml:lang="en:us" source="Mitre">
etcd is a distributed key-value store for the data of a distributed system. Prior to 3.5.32 and 3.6.13, when etcd is configured with --listen-client-http-urls to split HTTP and gRPC client endpoints onto separate listeners, the --client-crl-file Certificate Revocation List is not enforced on the gRPC listener, allowing a client with a revoked certificate to authenticate successfully over gRPC. This issue is fixed in versions 3.5.32 and 3.6.13.
    </Details>
    <Details xml:lang="en:us" source="Red Hat">
A flaw was found in etcd, a distributed key-value store. When etcd is configured to use separate listeners for HTTP and gRPC client endpoints, the Certificate Revocation List (CRL) is not properly enforced on the gRPC listener. This oversight allows a client with a revoked certificate to successfully authenticate, potentially leading to unauthorized access and compromise of data integrity.
    </Details>
    <PackageState cpe="cpe:/a:redhat:openstack:16.2">
        <ProductName>Red Hat OpenStack Platform 16.2</ProductName>
        <FixState>Fix deferred</FixState>
        <PackageName>etcd</PackageName>
    </PackageState>
    <PackageState cpe="cpe:/a:redhat:openstack:17.1">
        <ProductName>Red Hat OpenStack Platform 17.1</ProductName>
        <FixState>Fix deferred</FixState>
        <PackageName>etcd</PackageName>
    </PackageState>
    <References xml:lang="en:us">
https://www.cve.org/CVERecord?id=CVE-2026-59818
https://nvd.nist.gov/vuln/detail/CVE-2026-59818
https://github.com/etcd-io/etcd/commit/2308ce1578064641d4d67c40f0487309267d1bef
https://github.com/etcd-io/etcd/commit/24838af5a53dd0245adced920e42a9bf0e7a267f
https://github.com/etcd-io/etcd/commit/8221ae82bc25d4d55ca64382207b69be71038cbb
https://github.com/etcd-io/etcd/pull/22007
https://github.com/etcd-io/etcd/pull/22021
https://github.com/etcd-io/etcd/pull/22025
https://github.com/etcd-io/etcd/releases/tag/v3.5.32
https://github.com/etcd-io/etcd/releases/tag/v3.6.13
https://github.com/etcd-io/etcd/security/advisories/GHSA-3wh4-j44w-pg92
    </References>
</Vulnerability>