cbcvebase.
CVE-2017-7562
published 2018-07-26

CVE-2017-7562: An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client certificates. A remote attacker…

PriorityP342medium6.5CVSS 3.1
AVNACLPRLUINSUCNIHAN
EPSS
3.30%
87.0th percentile
An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances.

Affected

7 ranges
VendorProductVersion rangeFixed in
debiankrb5
mitkerberos_5>= 1.0 < 1.16.11.16.1
mitkrb5
redhatenterprise_linux
redhatenterprise_linux_desktop
redhatenterprise_linux_server
redhatenterprise_linux_workstation

CVSS provenance

nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
nvdv3.06.5MEDIUMCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:N/I:P/A:N
vendor_debian6.5LOW
vendor_redhat6.5MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.