CVE-2014-5351
Severity Score
2.1
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13 sends old keys in a response to a -randkey -keepold request, which allows remote authenticated users to forge tickets by leveraging administrative access.
La función kadm5_randkey_principal_3 en lib/kadm5/srv/svr_principal.c en kadmind en MIT Kerberos 5 (también conocido como krb5) anterior a 1.13 envía claves viejas en respuesta a una solicitud -randkey -keepold, lo que permite a usuarios remotos autenticados falsificar tickets mediante el aprovechamiento del acceso administrativo.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2014-08-19 CVE Reserved
- 2014-10-10 CVE Published
- 2024-05-22 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-255: Credentials Management Errors
CAPEC
References (15)
| URL | Tag | Source |
|---|---|---|
| http://advisories.mageia.org/MGASA-2014-0477.html | X_refsource_confirm | |
| http://krbdev.mit.edu/rt/Ticket/Display.html?id=8018 | X_refsource_confirm | |
| http://www.securityfocus.com/bid/70380 | Vdb Entry | |
| http://www.securitytracker.com/id/1031003 | Vdb Entry | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1145425 | X_refsource_confirm | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/97028 | Vdb Entry | |
| https://github.com/krb5/krb5/commit/af0ed4df4dfae762ab5fb605f5a0c8f59cb4f6ca | X_refsource_confirm | |
| https://lists.debian.org/debian-lts-announce/2018/01/msg00040.html | Mailing List |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.12.2 Search vendor "Mit" for product "Kerberos 5" and version "1.12.2" | - |
Affected
| ||||||