vulnerability
Red Hat: CVE-2018-5730: Low: krb5 security, bug fix, and enhancement update (RHSA-2018:3071)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:L/Au:S/C:P/I:P/A:N) | 2018-03-06 | 2018-10-31 | 2021-03-03 |
Severity
6
CVSS
(AV:N/AC:L/Au:S/C:P/I:P/A:N)
Published
2018-03-06
Added
2018-10-31
Modified
2021-03-03
Description
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN.
Solution(s)
redhat-upgrade-krb5-debuginforedhat-upgrade-krb5-develredhat-upgrade-krb5-libsredhat-upgrade-krb5-pkinitredhat-upgrade-krb5-serverredhat-upgrade-krb5-server-ldapredhat-upgrade-krb5-workstationredhat-upgrade-libkadm5
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.