vulnerability
Oracle Linux: CVE-2017-7562: ELSA-2018-0666: krb5 security, bug fix, and enhancement update (MODERATE) (Multiple Advisories)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
7 | (AV:N/AC:L/Au:S/C:N/I:C/A:N) | Aug 25, 2017 | Apr 19, 2018 | Nov 29, 2024 |
Severity
7
CVSS
(AV:N/AC:L/Au:S/C:N/I:C/A:N)
Published
Aug 25, 2017
Added
Apr 19, 2018
Modified
Nov 29, 2024
Description
An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances.
An authentication bypass flaw was found in the way krb5's certauth interface handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances.
An authentication bypass flaw was found in the way krb5's certauth interface handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances.
Solution(s)
oracle-linux-upgrade-krb5-develoracle-linux-upgrade-krb5-libsoracle-linux-upgrade-krb5-pkinitoracle-linux-upgrade-krb5-serveroracle-linux-upgrade-krb5-server-ldaporacle-linux-upgrade-krb5-workstationoracle-linux-upgrade-libkadm5

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.