CVE-2014-1316 — Improper Input Validation in Apple MAC OS X

CWE-20 — Improper Input Validation CWE-2644 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

0.5%

top 35.23%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X Citrix Netscaler ADC Gateway

Timeline

PublishedApr 23

Latest updateMay 17

Description

Heimdal, as used in Apple OS X through 10.9.2, allows remote attackers to cause a denial of service (abort and daemon exit) via ASN.1 data encountered in the Kerberos 5 protocol.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDapple/mac_os_x10.9.2+2

▶citrixcitrix/netscaler_adc_gateway

🔴Vulnerability Details

GHSA

GHSA-vj8m-39p5-g2cm: Heimdal, as used in Apple OS X through 10↗2022-05-17

▶

📋Vendor Advisories

Citrix

CVE-2014-8580: Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5.50.10 before 10.5-52.11, 10.1.122.17 before 10.1-129.11, and 10.1-120.1316↗2014-11-07

▶

Citrix

CVE-2014-8580 - Authentication Flaw in Citrix NetScaler Application Delivery Controller and NetScaler Gateway Could Result in Unauthorised Access to Network Resources↗

▶