vulnerability
Red Hat: CVE-2017-7562: Moderate: krb5 security, bug fix, and enhancement update (RHSA-2018:0666)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:N/I:P/A:N) | 2018-04-10 | 2018-04-11 | 2023-02-14 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:N/I:P/A:N)
Published
2018-04-10
Added
2018-04-11
Modified
2023-02-14
Description
An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances.
Solution(s)
redhat-upgrade-krb5-debuginforedhat-upgrade-krb5-develredhat-upgrade-krb5-libsredhat-upgrade-krb5-pkinitredhat-upgrade-krb5-serverredhat-upgrade-krb5-server-ldapredhat-upgrade-krb5-workstationredhat-upgrade-libkadm5
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.