Lucene search
GoogleOSV:UBUNTU-CVE-2024-37370HistoryJun 28, 2024 - 10:15 p.m.
UBUNTU-CVE-2024-37370
2024-06-2822:15:00
Google
osv.dev
1
ubuntu
cve-2024-37370
mit kerberos
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
7
Confidence
High
In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.
Related
nvd
nvd
CVE-2024-37370
2024-06-28 22:15:02
osv
osv
CVE-2024-37370
2024-06-28 22:15:02
Security update for krb5
2024-07-04 14:21:12
Moderate: krb5 security update
2024-09-03 00:00:00
cvelist
cvelist
CVE-2024-37370
2024-06-28 00:00:00
nessus
nessus
CBL Mariner 2.0 Security Update: krb5 (CVE-2024-37370)
2024-08-06 00:00:00
SUSE SLES15 Security Update : krb5 (SUSE-SU-2024:2305-1)
2024-07-06 00:00:00
Debian dsa-5726 : krb5-admin-server - security update
2024-07-06 00:00:00
ubuntucve
ubuntucve
CVE-2024-37370
2024-06-28 00:00:00
CVE-2024-37371
2024-06-28 00:00:00
vulnrichment
vulnrichment
CVE-2024-37370
2024-06-28 00:00:00
cbl_mariner
cbl_mariner
CVE-2024-37370 affecting package krb5 for versions less than 1.21.3-1
2024-08-14 20:43:58
CVE-2024-37370 affecting package krb5 for versions less than 1.19.4-3
2024-08-05 03:22:58
veracode
veracode
Plaintext Modification
2024-07-01 11:00:24
alpinelinux
alpinelinux
CVE-2024-37370
2024-06-28 22:15:02
debiancve
debiancve
CVE-2024-37370
2024-06-28 22:15:02
cve
cve
CVE-2024-37370
2024-06-28 22:15:02
redhatcve
redhatcve
CVE-2024-37370
2024-06-28 05:08:57
redhat
redhat
(RHSA-2024:4734) Moderate: krb5 security update
2024-07-23 14:41:35
(RHSA-2024:5884) Moderate: krb5 security update
2024-08-27 07:29:05
(RHSA-2024:6166) Moderate: krb5 security update
2024-09-03 05:29:23
openvas
openvas
openSUSE: Security Advisory for krb5 (SUSE-SU-2024:2307-1)
2024-07-10 00:00:00
Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2024-2419)
2024-09-12 00:00:00
Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2024-2442)
2024-09-12 00:00:00
almalinux
almalinux
Moderate: krb5 security update
2024-09-03 00:00:00
Moderate: krb5 security update
2024-08-13 00:00:00
amazon
amazon
Medium: krb5
2024-07-18 02:00:00
redos
redos
ROS-20240911-04
2024-09-11 00:00:00
ibm
ibm
Security Bulletin: IBM DataPower Gateway vulnerable to data truncation and DoS in Kerberos (CVE-2024-37370 & CVE-2024-37371)
2024-09-03 14:18:56
ubuntu
ubuntu
Kerberos vulnerabilities
2024-08-08 00:00:00
oraclelinux
oraclelinux
krb5 security update
2024-08-13 00:00:00
krb5 security update
2024-09-03 00:00:00
mageia
mageia
Updated krb5 packages fix security vulnerabilities
2024-07-03 19:36:28
photon
photon
Critical Photon OS Security Update - PHSA-2024-3.0-0791
2024-09-04 00:00:00
Critical Photon OS Security Update - PHSA-2024-5.0-0355
2024-08-26 00:00:00
Critical Photon OS Security Update - PHSA-2024-4.0-0679
2024-09-02 00:00:00
fedora
fedora
[SECURITY] Fedora 40 Update: krb5-1.21.3-1.fc40
2024-07-13 02:46:57
[SECURITY] Fedora 39 Update: krb5-1.21.3-1.fc39
2024-07-17 01:19:01
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
7
Confidence
High
Related for OSV:UBUNTU-CVE-2024-37370