vulnrichment / Mitre / VULNRICHMENT:CVE-2024-37371
Jun 28, 2024 - 12:00 a.m.

CVE-2024-37371

2024-06-28 00:00:00
mitre
github.com
6
mit kerberos 5
vulnerability
gss message[token] handling
memory reads
invalid length fields.

AI Score: 6.4
Confidence: Low

EPSS: 0.001
Percentile: 37.7%

SSVC
Exploitation: none
Automatable: no
Technical Impact: partial

In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.
