vulnerability
Red Hat: CVE-2017-7562: Moderate: krb5 security, bug fix, and enhancement update (RHSA-2018:0666)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:N/I:P/A:N) | 04/10/2018 | 04/11/2018 | 02/14/2023 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:N/I:P/A:N)
Published
04/10/2018
Added
04/11/2018
Modified
02/14/2023
Description
An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances.
Solution(s)
redhat-upgrade-krb5-debuginforedhat-upgrade-krb5-develredhat-upgrade-krb5-libsredhat-upgrade-krb5-pkinitredhat-upgrade-krb5-serverredhat-upgrade-krb5-server-ldapredhat-upgrade-krb5-workstationredhat-upgrade-libkadm5
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.