CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
AI Score
Confidence
Low
A vulnerability in the Kerberos network authentication protocol is associated with modification of the Extra Count open field
of the confidential GSS krb5 shell token. Exploitation of the vulnerability allows an attacker acting remotely to affect the integrity and operation of the system.
remotely to affect the integrity and operation of the system
A vulnerability in the Kerberos network authentication protocol is related to causing a memory read during the
GSS message token processing. Exploitation of the vulnerability allows a remote attacker,
affect confidentiality, integrity and availability of protected information
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
redos | 7.3 | x86_64 | krb5-server | < 1.20.1-4 | UNKNOWN |