CVE-2024-37371 - CERT CVE

  1. CVE-2024-37371

ID CVE-2024-37371
Sažetak In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.
Reference
CVSS
Base: 9.1
Impact: 5.2
Exploitability:3.9
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
HIGH NONE HIGH
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Zadnje važnije ažuriranje 13-03-2025 - 21:15
Objavljeno 28-06-2024 - 23:15