PT-2018-8407 · Mit+4 · Kerberos+4
Pedrohc · Published 2017-11-20 · Updated 2023-02-12
CVE-2017-7562
CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions
MIT Kerberos 5 (krb5) versions prior to 1.16.1
Description
An authentication bypass flaw was found in the way krb5's certauth interface (the KDC's pluggable interface for authorizing PKINIT client certificates) handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances.
Recommendations
For versions prior to 1.16.1, update to version 1.16.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the certauth interface until a patch is available.
Fix
Weakness classification: Improper Certificate Validation (CWE-295); Improper Authentication (CWE-287)
Affected Products
ALT Linux
CentOS
Kerberos
Red Hat
SUSE