- Description
- The kdcpreauth modules in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.2 do not properly track whether a client's request has been validated, which allows remote attackers to bypass an intended preauthentication requirement by providing (1) zero bytes of data or (2) an arbitrary realm name, related to plugins/preauth/otp/main.c and plugins/preauth/pkinit/pkinit_srv.c.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 5.8
- Impact score
- 4.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:N
- nvd@nist.gov
- CWE-264
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "79A9FAE9-7219-4D6A-9E94-FFE20223537D"
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EA68BC90-FCFC-4C9B-8574-9029DB2358E9"
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9D0A28CB-173D-4676-B083-E3718213B840"
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.12.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AA3D2861-7EB7-4984-AC92-989B427BDB58"
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "169D00BD-344F-453C-BE7C-9DF0740080BB"
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.13.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "765B3248-A524-4A79-858C-E787C1C1599E"
}
],
"operator": "OR"
}
]
}
]