Action not permitted
Modal body text goes here.
Modal Title
Modal Body
wid-sec-w-2022-0602
Vulnerability from csaf_certbund
Published
2022-07-06 22:00
Modified
2024-01-17 23:00
Summary
IBM Security Verify Access: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM Security Verify Access, ehemals IBM Security Access Manager (ISAM), ist eine Zugriffsverwaltungslösung.
Angriff
Ein entfernter anonymer, authentisierter oder lokaler Angreifer oder ein Angreifer aus dem angrenzenden Netzwerk kann mehrere Schwachstellen in IBM Security Verify Access ausnutzen, um einen Cross-Site-Scripting-Angriff durchzuführen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Informationen zu manipulieren, einen Denial-of-Service-Zustand zu verursachen und Sicherheitsmaßnahmen zu umgehen.
Betroffene Betriebssysteme
- Linux
- Sonstiges
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "IBM Security Verify Access, ehemals IBM Security Access Manager (ISAM), ist eine Zugriffsverwaltungsl\u00f6sung.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter anonymer, authentisierter oder lokaler Angreifer oder ein Angreifer aus dem angrenzenden Netzwerk kann mehrere Schwachstellen in IBM Security Verify Access ausnutzen, um einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Informationen zu manipulieren, einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen.", "title": "Angriff" }, { "category": "general", "text": "- Linux\n- Sonstiges", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2022-0602 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0602.json" }, { "category": "self", "summary": "WID-SEC-2022-0602 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0602" }, { "category": "external", "summary": "IBM Security Advisory vom 2022-07-06", "url": "https://www.ibm.com/support/pages/node/6601725" }, { "category": "external", "summary": "IBM Security Advisory vom 2022-07-06", "url": "https://www.ibm.com/support/pages/node/6601729" }, { "category": "external", "summary": "IBM Security Advisory vom 2022-07-06", "url": "https://www.ibm.com/support/pages/node/6601731" }, { "category": "external", "summary": "IBM Security Advisory vom 2022-07-06", "url": "https://www.ibm.com/support/pages/node/6601733" }, { "category": "external", "summary": "IBM Security Bulletin 7108821 vom 2024-01-17", "url": "https://www.ibm.com/support/pages/node/7108821" } ], "source_lang": "en-US", "title": "IBM Security Verify Access: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-01-17T23:00:00.000+00:00", "generator": { "date": "2024-02-15T16:52:22.007+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2022-0602", "initial_release_date": "2022-07-06T22:00:00.000+00:00", "revision_history": [ { "date": "2022-07-06T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2024-01-17T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von IBM aufgenommen" } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "IBM Security Verify Access 10.0.0", "product": { "name": "IBM Security Verify Access 10.0.0", "product_id": "822913", "product_identification_helper": { "cpe": "cpe:/a:ibm:security_verify_access:10.0.0" } } }, { "category": "product_name", "name": "IBM Security Verify Access Docker 10.0.0", "product": { "name": "IBM Security Verify Access Docker 10.0.0", "product_id": "T019827", "product_identification_helper": { "cpe": "cpe:/a:ibm:security_verify_access:docker_container__10.0.2.0" } } }, { "category": "product_name", "name": "IBM Security Verify Access 10.0.0.0 - 10.0.6.1", "product": { "name": "IBM Security Verify Access 10.0.0.0 - 10.0.6.1", "product_id": "T031895", "product_identification_helper": { "cpe": "cpe:/a:ibm:security_verify_access:10.0.0.0_-_10.0.6.1" } } } ], "category": "product_name", "name": "Security Verify Access" } ], "category": "vendor", "name": "IBM" } ] }, "vulnerabilities": [ { "cve": "CVE-2010-1323", "notes": [ { "category": "description", "text": "In IBM Security Verify Access existieren mehrere Schwachstellen. Neben dem Programm sind auch die folgenden Komponenten betroffen: Manager Appliance, libxml2, OpenSSL, yaml-cpp, MIT Kerberos, MIT krb5 und FasterXML jackson-databind. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer oder ein Angreifer aus dem angrenzenden Netzwerk kann diese Schwachstellen ausnutzen, um einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Informationen zu manipulieren, einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T031895", "822913", "T019827" ] }, "release_date": "2022-07-06T22:00:00Z", "title": "CVE-2010-1323" }, { "cve": "CVE-2010-1324", "notes": [ { "category": "description", "text": "In IBM Security Verify Access existieren mehrere Schwachstellen. Neben dem Programm sind auch die folgenden Komponenten betroffen: Manager Appliance, libxml2, OpenSSL, yaml-cpp, MIT Kerberos, MIT krb5 und FasterXML jackson-databind. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer oder ein Angreifer aus dem angrenzenden Netzwerk kann diese Schwachstellen ausnutzen, um einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Informationen zu manipulieren, einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T031895", "822913", "T019827" ] }, "release_date": "2022-07-06T22:00:00Z", "title": "CVE-2010-1324" }, { "cve": "CVE-2010-4020", "notes": [ { "category": "description", "text": "In IBM Security Verify Access existieren mehrere Schwachstellen. Neben dem Programm sind auch die folgenden Komponenten betroffen: Manager Appliance, libxml2, OpenSSL, yaml-cpp, MIT Kerberos, MIT krb5 und FasterXML jackson-databind. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer oder ein Angreifer aus dem angrenzenden Netzwerk kann diese Schwachstellen ausnutzen, um einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Informationen zu manipulieren, einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T031895", "822913", "T019827" ] }, "release_date": "2022-07-06T22:00:00Z", "title": "CVE-2010-4020" }, { "cve": "CVE-2010-4021", "notes": [ { "category": "description", "text": "In IBM Security Verify Access existieren mehrere Schwachstellen. Neben dem Programm sind auch die folgenden Komponenten betroffen: Manager Appliance, libxml2, OpenSSL, yaml-cpp, MIT Kerberos, MIT krb5 und FasterXML jackson-databind. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer oder ein Angreifer aus dem angrenzenden Netzwerk kann diese Schwachstellen ausnutzen, um einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Informationen zu manipulieren, einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T031895", "822913", "T019827" ] }, "release_date": "2022-07-06T22:00:00Z", "title": "CVE-2010-4021" }, { "cve": "CVE-2017-11692", "notes": [ { "category": "description", "text": "In IBM Security Verify Access existieren mehrere Schwachstellen. Neben dem Programm sind auch die folgenden Komponenten betroffen: Manager Appliance, libxml2, OpenSSL, yaml-cpp, MIT Kerberos, MIT krb5 und FasterXML jackson-databind. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer oder ein Angreifer aus dem angrenzenden Netzwerk kann diese Schwachstellen ausnutzen, um einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Informationen zu manipulieren, einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T031895", "822913", "T019827" ] }, "release_date": "2022-07-06T22:00:00Z", "title": "CVE-2017-11692" }, { "cve": "CVE-2018-20217", "notes": [ { "category": "description", "text": "In IBM Security Verify Access existieren mehrere Schwachstellen. Neben dem Programm sind auch die folgenden Komponenten betroffen: Manager Appliance, libxml2, OpenSSL, yaml-cpp, MIT Kerberos, MIT krb5 und FasterXML jackson-databind. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer oder ein Angreifer aus dem angrenzenden Netzwerk kann diese Schwachstellen ausnutzen, um einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Informationen zu manipulieren, einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T031895", "822913", "T019827" ] }, "release_date": "2022-07-06T22:00:00Z", "title": "CVE-2018-20217" }, { "cve": "CVE-2018-20573", "notes": [ { "category": "description", "text": "In IBM Security Verify Access existieren mehrere Schwachstellen. Neben dem Programm sind auch die folgenden Komponenten betroffen: Manager Appliance, libxml2, OpenSSL, yaml-cpp, MIT Kerberos, MIT krb5 und FasterXML jackson-databind. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer oder ein Angreifer aus dem angrenzenden Netzwerk kann diese Schwachstellen ausnutzen, um einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Informationen zu manipulieren, einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T031895", "822913", "T019827" ] }, "release_date": "2022-07-06T22:00:00Z", "title": "CVE-2018-20573" }, { "cve": "CVE-2018-20574", "notes": [ { "category": "description", "text": "In IBM Security Verify Access existieren mehrere Schwachstellen. Neben dem Programm sind auch die folgenden Komponenten betroffen: Manager Appliance, libxml2, OpenSSL, yaml-cpp, MIT Kerberos, MIT krb5 und FasterXML jackson-databind. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer oder ein Angreifer aus dem angrenzenden Netzwerk kann diese Schwachstellen ausnutzen, um einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Informationen zu manipulieren, einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T031895", "822913", "T019827" ] }, "release_date": "2022-07-06T22:00:00Z", "title": "CVE-2018-20574" }, { "cve": "CVE-2018-5730", "notes": [ { "category": "description", "text": "In IBM Security Verify Access existieren mehrere Schwachstellen. Neben dem Programm sind auch die folgenden Komponenten betroffen: Manager Appliance, libxml2, OpenSSL, yaml-cpp, MIT Kerberos, MIT krb5 und FasterXML jackson-databind. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer oder ein Angreifer aus dem angrenzenden Netzwerk kann diese Schwachstellen ausnutzen, um einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Informationen zu manipulieren, einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T031895", "822913", "T019827" ] }, "release_date": "2022-07-06T22:00:00Z", "title": "CVE-2018-5730" }, { "cve": "CVE-2019-6285", "notes": [ { "category": "description", "text": "In IBM Security Verify Access existieren mehrere Schwachstellen. Neben dem Programm sind auch die folgenden Komponenten betroffen: Manager Appliance, libxml2, OpenSSL, yaml-cpp, MIT Kerberos, MIT krb5 und FasterXML jackson-databind. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer oder ein Angreifer aus dem angrenzenden Netzwerk kann diese Schwachstellen ausnutzen, um einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Informationen zu manipulieren, einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T031895", "822913", "T019827" ] }, "release_date": "2022-07-06T22:00:00Z", "title": "CVE-2019-6285" }, { "cve": "CVE-2020-28196", "notes": [ { "category": "description", "text": "In IBM Security Verify Access existieren mehrere Schwachstellen. Neben dem Programm sind auch die folgenden Komponenten betroffen: Manager Appliance, libxml2, OpenSSL, yaml-cpp, MIT Kerberos, MIT krb5 und FasterXML jackson-databind. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer oder ein Angreifer aus dem angrenzenden Netzwerk kann diese Schwachstellen ausnutzen, um einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Informationen zu manipulieren, einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T031895", "822913", "T019827" ] }, "release_date": "2022-07-06T22:00:00Z", "title": "CVE-2020-28196" }, { "cve": "CVE-2021-23840", "notes": [ { "category": "description", "text": "In IBM Security Verify Access existieren mehrere Schwachstellen. Neben dem Programm sind auch die folgenden Komponenten betroffen: Manager Appliance, libxml2, OpenSSL, yaml-cpp, MIT Kerberos, MIT krb5 und FasterXML jackson-databind. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer oder ein Angreifer aus dem angrenzenden Netzwerk kann diese Schwachstellen ausnutzen, um einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Informationen zu manipulieren, einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T031895", "822913", "T019827" ] }, "release_date": "2022-07-06T22:00:00Z", "title": "CVE-2021-23840" }, { "cve": "CVE-2021-23841", "notes": [ { "category": "description", "text": "In IBM Security Verify Access existieren mehrere Schwachstellen. Neben dem Programm sind auch die folgenden Komponenten betroffen: Manager Appliance, libxml2, OpenSSL, yaml-cpp, MIT Kerberos, MIT krb5 und FasterXML jackson-databind. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer oder ein Angreifer aus dem angrenzenden Netzwerk kann diese Schwachstellen ausnutzen, um einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Informationen zu manipulieren, einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T031895", "822913", "T019827" ] }, "release_date": "2022-07-06T22:00:00Z", "title": "CVE-2021-23841" }, { "cve": "CVE-2021-3712", "notes": [ { "category": "description", "text": "In IBM Security Verify Access existieren mehrere Schwachstellen. Neben dem Programm sind auch die folgenden Komponenten betroffen: Manager Appliance, libxml2, OpenSSL, yaml-cpp, MIT Kerberos, MIT krb5 und FasterXML jackson-databind. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer oder ein Angreifer aus dem angrenzenden Netzwerk kann diese Schwachstellen ausnutzen, um einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Informationen zu manipulieren, einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T031895", "822913", "T019827" ] }, "release_date": "2022-07-06T22:00:00Z", "title": "CVE-2021-3712" }, { "cve": "CVE-2022-22370", "notes": [ { "category": "description", "text": "In IBM Security Verify Access existieren mehrere Schwachstellen. Neben dem Programm sind auch die folgenden Komponenten betroffen: Manager Appliance, libxml2, OpenSSL, yaml-cpp, MIT Kerberos, MIT krb5 und FasterXML jackson-databind. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer oder ein Angreifer aus dem angrenzenden Netzwerk kann diese Schwachstellen ausnutzen, um einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Informationen zu manipulieren, einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T031895", "822913", "T019827" ] }, "release_date": "2022-07-06T22:00:00Z", "title": "CVE-2022-22370" }, { "cve": "CVE-2022-22463", "notes": [ { "category": "description", "text": "In IBM Security Verify Access existieren mehrere Schwachstellen. Neben dem Programm sind auch die folgenden Komponenten betroffen: Manager Appliance, libxml2, OpenSSL, yaml-cpp, MIT Kerberos, MIT krb5 und FasterXML jackson-databind. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer oder ein Angreifer aus dem angrenzenden Netzwerk kann diese Schwachstellen ausnutzen, um einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Informationen zu manipulieren, einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T031895", "822913", "T019827" ] }, "release_date": "2022-07-06T22:00:00Z", "title": "CVE-2022-22463" }, { "cve": "CVE-2022-22464", "notes": [ { "category": "description", "text": "In IBM Security Verify Access existieren mehrere Schwachstellen. Neben dem Programm sind auch die folgenden Komponenten betroffen: Manager Appliance, libxml2, OpenSSL, yaml-cpp, MIT Kerberos, MIT krb5 und FasterXML jackson-databind. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer oder ein Angreifer aus dem angrenzenden Netzwerk kann diese Schwachstellen ausnutzen, um einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Informationen zu manipulieren, einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T031895", "822913", "T019827" ] }, "release_date": "2022-07-06T22:00:00Z", "title": "CVE-2022-22464" }, { "cve": "CVE-2022-22465", "notes": [ { "category": "description", "text": "In IBM Security Verify Access existieren mehrere Schwachstellen. Neben dem Programm sind auch die folgenden Komponenten betroffen: Manager Appliance, libxml2, OpenSSL, yaml-cpp, MIT Kerberos, MIT krb5 und FasterXML jackson-databind. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer oder ein Angreifer aus dem angrenzenden Netzwerk kann diese Schwachstellen ausnutzen, um einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Informationen zu manipulieren, einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T031895", "822913", "T019827" ] }, "release_date": "2022-07-06T22:00:00Z", "title": "CVE-2022-22465" }, { "cve": "CVE-2022-23308", "notes": [ { "category": "description", "text": "In IBM Security Verify Access existieren mehrere Schwachstellen. Neben dem Programm sind auch die folgenden Komponenten betroffen: Manager Appliance, libxml2, OpenSSL, yaml-cpp, MIT Kerberos, MIT krb5 und FasterXML jackson-databind. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer oder ein Angreifer aus dem angrenzenden Netzwerk kann diese Schwachstellen ausnutzen, um einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Informationen zu manipulieren, einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T031895", "822913", "T019827" ] }, "release_date": "2022-07-06T22:00:00Z", "title": "CVE-2022-23308" } ] }
cve-2019-6285
Vulnerability from cvelistv5
Published
2019-01-14 22:00
Modified
2024-09-17 02:32
Severity ?
EPSS score ?
Summary
The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
References
▼ | URL | Tags |
---|---|---|
https://github.com/jbeder/yaml-cpp/issues/660 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T20:16:24.766Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/jbeder/yaml-cpp/issues/660" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-01-14T22:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/jbeder/yaml-cpp/issues/660" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-6285", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/jbeder/yaml-cpp/issues/660", "refsource": "MISC", "url": "https://github.com/jbeder/yaml-cpp/issues/660" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-6285", "datePublished": "2019-01-14T22:00:00Z", "dateReserved": "2019-01-14T00:00:00Z", "dateUpdated": "2024-09-17T02:32:40.994Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-20574
Vulnerability from cvelistv5
Published
2018-12-28 16:00
Modified
2024-09-16 20:38
Severity ?
EPSS score ?
Summary
The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
References
▼ | URL | Tags |
---|---|---|
https://github.com/jbeder/yaml-cpp/issues/654 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T12:05:17.410Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/jbeder/yaml-cpp/issues/654" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-12-28T16:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/jbeder/yaml-cpp/issues/654" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20574", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/jbeder/yaml-cpp/issues/654", "refsource": "MISC", "url": "https://github.com/jbeder/yaml-cpp/issues/654" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-20574", "datePublished": "2018-12-28T16:00:00Z", "dateReserved": "2018-12-28T00:00:00Z", "dateUpdated": "2024-09-16T20:38:12.684Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-23840
Vulnerability from cvelistv5
Published
2021-02-16 16:55
Modified
2024-09-17 02:16
Severity ?
EPSS score ?
Summary
Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T19:14:09.252Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.openssl.org/news/secadv/20210216.txt" }, { "tags": [ "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1" }, { "tags": [ "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2" }, { "name": "DSA-4855", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-4855" }, { "name": "GLSA-202103-03", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202103-03" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "tags": [ "x_transferred" ], "url": "https://www.tenable.com/security/tns-2021-10" }, { "tags": [ "x_transferred" ], "url": "https://www.tenable.com/security/tns-2021-09" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210219-0009/" }, { "tags": [ "x_transferred" ], "url": "https://www.tenable.com/security/tns-2021-03" }, { "name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_transferred" ], "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "tags": [ "x_transferred" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10366" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "OpenSSL", "vendor": "OpenSSL", "versions": [ { "status": "affected", "version": "Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i)" }, { "status": "affected", "version": "Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x)" } ] } ], "credits": [ { "lang": "en", "value": "Paul Kehrer" } ], "datePublic": "2021-02-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x)." } ], "metrics": [ { "other": { "content": { "lang": "eng", "url": "https://www.openssl.org/policies/secpolicy.html#Low", "value": "Low" }, "type": "unknown" } } ], "problemTypes": [ { "descriptions": [ { "description": "Overflow", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-21T19:07:42.484657", "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "shortName": "openssl" }, "references": [ { "url": "https://www.openssl.org/news/secadv/20210216.txt" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2" }, { "name": "DSA-4855", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2021/dsa-4855" }, { "name": "GLSA-202103-03", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202103-03" }, { "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "url": "https://www.tenable.com/security/tns-2021-10" }, { "url": "https://www.tenable.com/security/tns-2021-09" }, { "url": "https://security.netapp.com/advisory/ntap-20210219-0009/" }, { "url": "https://www.tenable.com/security/tns-2021-03" }, { "name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846" }, { "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10366" }, { "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "title": "Integer overflow in CipherUpdate" } }, "cveMetadata": { "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "assignerShortName": "openssl", "cveId": "CVE-2021-23840", "datePublished": "2021-02-16T16:55:18.192713Z", "dateReserved": "2021-01-12T00:00:00", "dateUpdated": "2024-09-17T02:16:35.124Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-11692
Vulnerability from cvelistv5
Published
2017-07-30 17:00
Modified
2024-08-05 18:19
Severity ?
EPSS score ?
Summary
The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service (assertion failure and application exit) via a '!2' string.
References
▼ | URL | Tags |
---|---|---|
https://github.com/jbeder/yaml-cpp/issues/519 | x_refsource_MISC | |
https://security.gentoo.org/glsa/202007-14 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T18:19:37.733Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/jbeder/yaml-cpp/issues/519" }, { "name": "GLSA-202007-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202007-14" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-07-30T00:00:00", "descriptions": [ { "lang": "en", "value": "The function \"Token\u0026 Scanner::peek\" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service (assertion failure and application exit) via a \u0027!2\u0027 string." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-07-27T01:07:24", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/jbeder/yaml-cpp/issues/519" }, { "name": "GLSA-202007-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202007-14" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-11692", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The function \"Token\u0026 Scanner::peek\" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service (assertion failure and application exit) via a \u0027!2\u0027 string." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/jbeder/yaml-cpp/issues/519", "refsource": "MISC", "url": "https://github.com/jbeder/yaml-cpp/issues/519" }, { "name": "GLSA-202007-14", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202007-14" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-11692", "datePublished": "2017-07-30T17:00:00", "dateReserved": "2017-07-27T00:00:00", "dateUpdated": "2024-08-05T18:19:37.733Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2010-4021
Vulnerability from cvelistv5
Published
2010-12-02 16:00
Modified
2024-08-07 03:26
Severity ?
EPSS score ?
Summary
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 does not properly restrict the use of TGT credentials for armoring TGS requests, which might allow remote authenticated users to impersonate a client by rewriting an inner request, aka a "KrbFastReq forgery issue."
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T03:26:12.376Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ADV-2010-3094", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3094" }, { "name": "MDVSA-2010:246", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:246" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://kb.vmware.com/kb/1035108" }, { "name": "ADV-2010-3118", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3118" }, { "name": "20101130 MITKRB5-SA-2010-007 Multiple checksum handling vulnerabilities [CVE-2010-1324 CVE-2010-1323 CVE-2010-4020 CVE-2010-4021]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/514953/100/0/threaded" }, { "name": "SUSE-SR:2010:023", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html" }, { "name": "69607", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/69607" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/security/advisories/VMSA-2011-0007.html" }, { "name": "APPLE-SA-2011-03-21-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt" }, { "name": "45122", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/45122" }, { "name": "[security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.vmware.com/pipermail/security-announce/2011/000133.html" }, { "name": "1024803", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1024803" }, { "name": "20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/517739/100/0/threaded" }, { "name": "SUSE-SR:2010:024", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "name": "USN-1030-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1030-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4581" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-11-30T00:00:00", "descriptions": [ { "lang": "en", "value": "The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 does not properly restrict the use of TGT credentials for armoring TGS requests, which might allow remote authenticated users to impersonate a client by rewriting an inner request, aka a \"KrbFastReq forgery issue.\"" } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-10T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "ADV-2010-3094", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3094" }, { "name": "MDVSA-2010:246", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:246" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://kb.vmware.com/kb/1035108" }, { "name": "ADV-2010-3118", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3118" }, { "name": "20101130 MITKRB5-SA-2010-007 Multiple checksum handling vulnerabilities [CVE-2010-1324 CVE-2010-1323 CVE-2010-4020 CVE-2010-4021]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/514953/100/0/threaded" }, { "name": "SUSE-SR:2010:023", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html" }, { "name": "69607", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/69607" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/security/advisories/VMSA-2011-0007.html" }, { "name": "APPLE-SA-2011-03-21-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt" }, { "name": "45122", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/45122" }, { "name": "[security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.vmware.com/pipermail/security-announce/2011/000133.html" }, { "name": "1024803", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1024803" }, { "name": "20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/517739/100/0/threaded" }, { "name": "SUSE-SR:2010:024", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "name": "USN-1030-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1030-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4581" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-4021", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 does not properly restrict the use of TGT credentials for armoring TGS requests, which might allow remote authenticated users to impersonate a client by rewriting an inner request, aka a \"KrbFastReq forgery issue.\"" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "ADV-2010-3094", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/3094" }, { "name": "MDVSA-2010:246", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:246" }, { "name": "http://kb.vmware.com/kb/1035108", "refsource": "CONFIRM", "url": "http://kb.vmware.com/kb/1035108" }, { "name": "ADV-2010-3118", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/3118" }, { "name": "20101130 MITKRB5-SA-2010-007 Multiple checksum handling vulnerabilities [CVE-2010-1324 CVE-2010-1323 CVE-2010-4020 CVE-2010-4021]", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/514953/100/0/threaded" }, { "name": "SUSE-SR:2010:023", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html" }, { "name": "69607", "refsource": "OSVDB", "url": "http://osvdb.org/69607" }, { "name": "http://www.vmware.com/security/advisories/VMSA-2011-0007.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2011-0007.html" }, { "name": "APPLE-SA-2011-03-21-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" }, { "name": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt", "refsource": "CONFIRM", "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt" }, { "name": "45122", "refsource": "BID", "url": "http://www.securityfocus.com/bid/45122" }, { "name": "[security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", "refsource": "MLIST", "url": "http://lists.vmware.com/pipermail/security-announce/2011/000133.html" }, { "name": "1024803", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1024803" }, { "name": "20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/517739/100/0/threaded" }, { "name": "SUSE-SR:2010:024", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "name": "USN-1030-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1030-1" }, { "name": "http://support.apple.com/kb/HT4581", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4581" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-4021", "datePublished": "2010-12-02T16:00:00", "dateReserved": "2010-10-20T00:00:00", "dateUpdated": "2024-08-07T03:26:12.376Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-22463
Vulnerability from cvelistv5
Published
2022-07-08 17:45
Modified
2024-09-16 16:38
Severity ?
EPSS score ?
Summary
IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 225079.
References
▼ | URL | Tags |
---|---|---|
https://www.ibm.com/support/pages/node/6601729 | x_refsource_CONFIRM | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/225079 | vdb-entry, x_refsource_XF |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | IBM | Security Verify Access |
Version: 10.0.2.0 Version: 10.0.0.0 Version: 10.0.1.0 Version: 10.0.3.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:14:55.220Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/6601729" }, { "name": "ibm-sam-cve202222463-sql-injection (225079)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225079" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Security Verify Access", "vendor": "IBM", "versions": [ { "status": "affected", "version": "10.0.2.0" }, { "status": "affected", "version": "10.0.0.0" }, { "status": "affected", "version": "10.0.1.0" }, { "status": "affected", "version": "10.0.3.0" } ] } ], "datePublic": "2022-07-06T00:00:00", "descriptions": [ { "lang": "en", "value": "IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 225079." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitCodeMaturity": "UNPROVEN", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "scope": "CHANGED", "temporalScore": 4.7, "temporalSeverity": "MEDIUM", "userInteraction": "NONE", "vectorString": "CVSS:3.0/C:H/PR:H/A:N/AC:H/AV:A/S:C/UI:N/I:N/RL:O/RC:C/E:U", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "description": "Data Manipulation", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-07-08T17:45:20", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.ibm.com/support/pages/node/6601729" }, { "name": "ibm-sam-cve202222463-sql-injection (225079)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225079" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2022-07-06T00:00:00", "ID": "CVE-2022-22463", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Security Verify Access", "version": { "version_data": [ { "version_value": "10.0.2.0" }, { "version_value": "10.0.0.0" }, { "version_value": "10.0.1.0" }, { "version_value": "10.0.3.0" } ] } } ] }, "vendor_name": "IBM" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 225079." } ] }, "impact": { "cvssv3": { "BM": { "A": "N", "AC": "H", "AV": "A", "C": "H", "I": "N", "PR": "H", "S": "C", "UI": "N" }, "TM": { "E": "U", "RC": "C", "RL": "O" } } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Data Manipulation" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.ibm.com/support/pages/node/6601729", "refsource": "CONFIRM", "title": "IBM Security Bulletin 6601729 (Security Verify Access)", "url": "https://www.ibm.com/support/pages/node/6601729" }, { "name": "ibm-sam-cve202222463-sql-injection (225079)", "refsource": "XF", "title": "X-Force Vulnerability Report", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225079" } ] } } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2022-22463", "datePublished": "2022-07-08T17:45:21.020316Z", "dateReserved": "2022-01-03T00:00:00", "dateUpdated": "2024-09-16T16:38:44.289Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-20573
Vulnerability from cvelistv5
Published
2018-12-28 16:00
Modified
2024-09-17 02:02
Severity ?
EPSS score ?
Summary
The Scanner::EnsureTokensInQueue function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
References
▼ | URL | Tags |
---|---|---|
https://github.com/jbeder/yaml-cpp/issues/655 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T12:05:17.519Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/jbeder/yaml-cpp/issues/655" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The Scanner::EnsureTokensInQueue function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-12-28T16:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/jbeder/yaml-cpp/issues/655" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20573", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Scanner::EnsureTokensInQueue function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/jbeder/yaml-cpp/issues/655", "refsource": "MISC", "url": "https://github.com/jbeder/yaml-cpp/issues/655" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-20573", "datePublished": "2018-12-28T16:00:00Z", "dateReserved": "2018-12-28T00:00:00Z", "dateUpdated": "2024-09-17T02:02:36.908Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-23841
Vulnerability from cvelistv5
Published
2021-02-16 16:55
Modified
2024-09-16 22:39
Severity ?
EPSS score ?
Summary
The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).
References
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-23841", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-26T20:18:08.118870Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-26T20:18:17.204Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-03T19:14:09.152Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.openssl.org/news/secadv/20210216.txt" }, { "tags": [ "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=122a19ab48091c657f7cb1fb3af9fc07bd557bbf" }, { "tags": [ "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807" }, { "name": "DSA-4855", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-4855" }, { "name": "GLSA-202103-03", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202103-03" }, { "name": "20210526 APPLE-SA-2021-05-25-2 macOS Big Sur 11.4", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2021/May/70" }, { "name": "20210526 APPLE-SA-2021-05-25-5 Safari 14.1.1", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2021/May/68" }, { "name": "20210526 APPLE-SA-2021-05-25-1 iOS 14.6 and iPadOS 14.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2021/May/67" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "tags": [ "x_transferred" ], "url": "https://www.tenable.com/security/tns-2021-09" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210513-0002/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210219-0009/" }, { "tags": [ "x_transferred" ], "url": "https://www.tenable.com/security/tns-2021-03" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT212529" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT212528" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT212534" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_transferred" ], "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "OpenSSL", "vendor": "OpenSSL", "versions": [ { "status": "affected", "version": "Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i)" }, { "status": "affected", "version": "Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x)" } ] } ], "credits": [ { "lang": "en", "value": "Tavis Ormandy (Google)" } ], "datePublic": "2021-02-16T00:00:00", "descriptions": [ { "lang": "en", "value": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x)." } ], "metrics": [ { "other": { "content": { "lang": "eng", "url": "https://www.openssl.org/policies/secpolicy.html#Moderate", "value": "Moderate" }, "type": "unknown" } } ], "problemTypes": [ { "descriptions": [ { "description": "NULL pointer dereference", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-21T19:07:57.206585", "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "shortName": "openssl" }, "references": [ { "url": "https://www.openssl.org/news/secadv/20210216.txt" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=122a19ab48091c657f7cb1fb3af9fc07bd557bbf" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807" }, { "name": "DSA-4855", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2021/dsa-4855" }, { "name": "GLSA-202103-03", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202103-03" }, { "name": "20210526 APPLE-SA-2021-05-25-2 macOS Big Sur 11.4", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2021/May/70" }, { "name": "20210526 APPLE-SA-2021-05-25-5 Safari 14.1.1", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2021/May/68" }, { "name": "20210526 APPLE-SA-2021-05-25-1 iOS 14.6 and iPadOS 14.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2021/May/67" }, { "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "url": "https://www.tenable.com/security/tns-2021-09" }, { "url": "https://security.netapp.com/advisory/ntap-20210513-0002/" }, { "url": "https://security.netapp.com/advisory/ntap-20210219-0009/" }, { "url": "https://www.tenable.com/security/tns-2021-03" }, { "url": "https://support.apple.com/kb/HT212529" }, { "url": "https://support.apple.com/kb/HT212528" }, { "url": "https://support.apple.com/kb/HT212534" }, { "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846" }, { "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf" }, { "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "title": "Null pointer deref in X509_issuer_and_serial_hash()" } }, "cveMetadata": { "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "assignerShortName": "openssl", "cveId": "CVE-2021-23841", "datePublished": "2021-02-16T16:55:18.817258Z", "dateReserved": "2021-01-12T00:00:00", "dateUpdated": "2024-09-16T22:39:57.576Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-20217
Vulnerability from cvelistv5
Published
2018-12-26 20:00
Modified
2024-08-05 11:58
Severity ?
EPSS score ?
Summary
A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.
References
▼ | URL | Tags |
---|---|---|
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/ | vendor-advisory, x_refsource_FEDORA | |
http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763 | x_refsource_CONFIRM | |
https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086 | x_refsource_CONFIRM | |
https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html | mailing-list, x_refsource_MLIST | |
https://security.netapp.com/advisory/ntap-20190416-0006/ | x_refsource_CONFIRM | |
https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html | mailing-list, x_refsource_MLIST |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T11:58:19.090Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FEDORA-2018-7db7ccda4d", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086" }, { "name": "[debian-lts-announce] 20190125 [SECURITY] [DLA 1643-1] krb5 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20190416-0006/" }, { "name": "[debian-lts-announce] 20210930 [SECURITY] [DLA 2771-1] krb5 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2018-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-09-30T21:06:12", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "FEDORA-2018-7db7ccda4d", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086" }, { "name": "[debian-lts-announce] 20190125 [SECURITY] [DLA 1643-1] krb5 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20190416-0006/" }, { "name": "[debian-lts-announce] 20210930 [SECURITY] [DLA 2771-1] krb5 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20217", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "FEDORA-2018-7db7ccda4d", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/" }, { "name": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763", "refsource": "CONFIRM", "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763" }, { "name": "https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086", "refsource": "CONFIRM", "url": "https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086" }, { "name": "[debian-lts-announce] 20190125 [SECURITY] [DLA 1643-1] krb5 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html" }, { "name": "https://security.netapp.com/advisory/ntap-20190416-0006/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20190416-0006/" }, { "name": "[debian-lts-announce] 20210930 [SECURITY] [DLA 2771-1] krb5 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-20217", "datePublished": "2018-12-26T20:00:00", "dateReserved": "2018-12-19T00:00:00", "dateUpdated": "2024-08-05T11:58:19.090Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2010-1324
Vulnerability from cvelistv5
Published
2010-12-02 16:00
Modified
2024-08-07 01:21
Severity ?
EPSS score ?
Summary
MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum, (2) an unkeyed PAC checksum, or (3) a KrbFastArmoredReq checksum based on an RC4 key.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T01:21:18.670Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ADV-2010-3094", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3094" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" }, { "name": "MDVSA-2010:246", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:246" }, { "name": "FEDORA-2010-18425", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051999.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://kb.vmware.com/kb/1035108" }, { "name": "ADV-2010-3118", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3118" }, { "name": "oval:org.mitre.oval:def:11936", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11936" }, { "name": "ADV-2011-0187", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2011/0187" }, { "name": "20101130 MITKRB5-SA-2010-007 Multiple checksum handling vulnerabilities [CVE-2010-1324 CVE-2010-1323 CVE-2010-4020 CVE-2010-4021]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/514953/100/0/threaded" }, { "name": "SUSE-SR:2010:023", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/security/advisories/VMSA-2011-0007.html" }, { "name": "APPLE-SA-2011-03-21-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" }, { "name": "69609", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/69609" }, { "name": "HPSBUX02623", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=129562442714657\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt" }, { "name": "SSRT100355", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=129562442714657\u0026w=2" }, { "name": "ADV-2010-3095", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3095" }, { "name": "42399", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42399" }, { "name": "45116", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/45116" }, { "name": "[security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.vmware.com/pipermail/security-announce/2011/000133.html" }, { "name": "1024803", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1024803" }, { "name": "20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/517739/100/0/threaded" }, { "name": "FEDORA-2010-18409", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051976.html" }, { "name": "SUSE-SR:2010:024", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "name": "RHSA-2010:0925", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0925.html" }, { "name": "USN-1030-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1030-1" }, { "name": "43015", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/43015" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4581" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-11-30T00:00:00", "descriptions": [ { "lang": "en", "value": "MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum, (2) an unkeyed PAC checksum, or (3) a KrbFastArmoredReq checksum based on an RC4 key." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-10T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "ADV-2010-3094", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3094" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" }, { "name": "MDVSA-2010:246", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:246" }, { "name": "FEDORA-2010-18425", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051999.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://kb.vmware.com/kb/1035108" }, { "name": "ADV-2010-3118", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3118" }, { "name": "oval:org.mitre.oval:def:11936", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11936" }, { "name": "ADV-2011-0187", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2011/0187" }, { "name": "20101130 MITKRB5-SA-2010-007 Multiple checksum handling vulnerabilities [CVE-2010-1324 CVE-2010-1323 CVE-2010-4020 CVE-2010-4021]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/514953/100/0/threaded" }, { "name": "SUSE-SR:2010:023", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/security/advisories/VMSA-2011-0007.html" }, { "name": "APPLE-SA-2011-03-21-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" }, { "name": "69609", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/69609" }, { "name": "HPSBUX02623", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=129562442714657\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt" }, { "name": "SSRT100355", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=129562442714657\u0026w=2" }, { "name": "ADV-2010-3095", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3095" }, { "name": "42399", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42399" }, { "name": "45116", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/45116" }, { "name": "[security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.vmware.com/pipermail/security-announce/2011/000133.html" }, { "name": "1024803", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1024803" }, { "name": "20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/517739/100/0/threaded" }, { "name": "FEDORA-2010-18409", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051976.html" }, { "name": "SUSE-SR:2010:024", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "name": "RHSA-2010:0925", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0925.html" }, { "name": "USN-1030-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1030-1" }, { "name": "43015", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/43015" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4581" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-1324", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum, (2) an unkeyed PAC checksum, or (3) a KrbFastArmoredReq checksum based on an RC4 key." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "ADV-2010-3094", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/3094" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" }, { "name": "MDVSA-2010:246", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:246" }, { "name": "FEDORA-2010-18425", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051999.html" }, { "name": "http://kb.vmware.com/kb/1035108", "refsource": "CONFIRM", "url": "http://kb.vmware.com/kb/1035108" }, { "name": "ADV-2010-3118", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/3118" }, { "name": "oval:org.mitre.oval:def:11936", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11936" }, { "name": "ADV-2011-0187", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0187" }, { "name": "20101130 MITKRB5-SA-2010-007 Multiple checksum handling vulnerabilities [CVE-2010-1324 CVE-2010-1323 CVE-2010-4020 CVE-2010-4021]", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/514953/100/0/threaded" }, { "name": "SUSE-SR:2010:023", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html" }, { "name": "http://www.vmware.com/security/advisories/VMSA-2011-0007.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2011-0007.html" }, { "name": "APPLE-SA-2011-03-21-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" }, { "name": "69609", "refsource": "OSVDB", "url": "http://osvdb.org/69609" }, { "name": "HPSBUX02623", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=129562442714657\u0026w=2" }, { "name": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt", "refsource": "CONFIRM", "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt" }, { "name": "SSRT100355", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=129562442714657\u0026w=2" }, { "name": "ADV-2010-3095", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/3095" }, { "name": "42399", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/42399" }, { "name": "45116", "refsource": "BID", "url": "http://www.securityfocus.com/bid/45116" }, { "name": "[security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", "refsource": "MLIST", "url": "http://lists.vmware.com/pipermail/security-announce/2011/000133.html" }, { "name": "1024803", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1024803" }, { "name": "20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/517739/100/0/threaded" }, { "name": "FEDORA-2010-18409", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051976.html" }, { "name": "SUSE-SR:2010:024", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "name": "RHSA-2010:0925", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2010-0925.html" }, { "name": "USN-1030-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1030-1" }, { "name": "43015", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43015" }, { "name": "http://support.apple.com/kb/HT4581", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4581" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-1324", "datePublished": "2010-12-02T16:00:00", "dateReserved": "2010-04-08T00:00:00", "dateUpdated": "2024-08-07T01:21:18.670Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-5730
Vulnerability from cvelistv5
Published
2018-03-06 20:00
Modified
2024-08-05 05:40
Severity ?
EPSS score ?
Summary
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T05:40:51.262Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1042071", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1042071" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/krb5/krb5/commit/e1caf6fb74981da62039846931ebdffed71309d1" }, { "name": "RHSA-2018:3071", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3071" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551082" }, { "name": "FEDORA-2018-f97cb1c9b0", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OIFUL3CPM4S5TOXTTOCQ3CUZN6XCXUTR/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891869" }, { "name": "FEDORA-2018-391a1f3e61", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GK5T6JPMBHBPKS7HNGHYUUF4KKRMNSNU/" }, { "name": "[debian-lts-announce] 20190125 [SECURITY] [DLA 1643-1] krb5 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html" }, { "name": "RHBA-2019:0327", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHBA-2019:0327" }, { "name": "[debian-lts-announce] 20210930 [SECURITY] [DLA 2771-1] krb5 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2018-03-01T00:00:00", "descriptions": [ { "lang": "en", "value": "MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a \"linkdn\" and \"containerdn\" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-09-30T21:06:15", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "1042071", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1042071" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/krb5/krb5/commit/e1caf6fb74981da62039846931ebdffed71309d1" }, { "name": "RHSA-2018:3071", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3071" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551082" }, { "name": "FEDORA-2018-f97cb1c9b0", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OIFUL3CPM4S5TOXTTOCQ3CUZN6XCXUTR/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891869" }, { "name": "FEDORA-2018-391a1f3e61", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GK5T6JPMBHBPKS7HNGHYUUF4KKRMNSNU/" }, { "name": "[debian-lts-announce] 20190125 [SECURITY] [DLA 1643-1] krb5 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html" }, { "name": "RHBA-2019:0327", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHBA-2019:0327" }, { "name": "[debian-lts-announce] 20210930 [SECURITY] [DLA 2771-1] krb5 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-5730", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a \"linkdn\" and \"containerdn\" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1042071", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1042071" }, { "name": "https://github.com/krb5/krb5/commit/e1caf6fb74981da62039846931ebdffed71309d1", "refsource": "CONFIRM", "url": "https://github.com/krb5/krb5/commit/e1caf6fb74981da62039846931ebdffed71309d1" }, { "name": "RHSA-2018:3071", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3071" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1551082", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551082" }, { "name": "FEDORA-2018-f97cb1c9b0", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OIFUL3CPM4S5TOXTTOCQ3CUZN6XCXUTR/" }, { "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891869", "refsource": "CONFIRM", "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891869" }, { "name": "FEDORA-2018-391a1f3e61", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GK5T6JPMBHBPKS7HNGHYUUF4KKRMNSNU/" }, { "name": "[debian-lts-announce] 20190125 [SECURITY] [DLA 1643-1] krb5 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html" }, { "name": "RHBA-2019:0327", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHBA-2019:0327" }, { "name": "[debian-lts-announce] 20210930 [SECURITY] [DLA 2771-1] krb5 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-5730", "datePublished": "2018-03-06T20:00:00", "dateReserved": "2018-01-16T00:00:00", "dateUpdated": "2024-08-05T05:40:51.262Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-22465
Vulnerability from cvelistv5
Published
2022-07-08 17:45
Modified
2024-09-17 00:21
Severity ?
EPSS score ?
Summary
IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 could allow a local user to obtain elevated privileges due to improper access permissions. IBM X-Force ID: 225082.
References
▼ | URL | Tags |
---|---|---|
https://www.ibm.com/support/pages/node/6601729 | x_refsource_CONFIRM | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/225082 | vdb-entry, x_refsource_XF |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | IBM | Security Verify Access |
Version: 10.0.2.0 Version: 10.0.0.0 Version: 10.0.1.0 Version: 10.0.3.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:14:55.275Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/6601729" }, { "name": "ibm-sam-cve202222465-priv-escalation (225082)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225082" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Security Verify Access", "vendor": "IBM", "versions": [ { "status": "affected", "version": "10.0.2.0" }, { "status": "affected", "version": "10.0.0.0" }, { "status": "affected", "version": "10.0.1.0" }, { "status": "affected", "version": "10.0.3.0" } ] } ], "datePublic": "2022-07-06T00:00:00", "descriptions": [ { "lang": "en", "value": "IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 could allow a local user to obtain elevated privileges due to improper access permissions. IBM X-Force ID: 225082." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitCodeMaturity": "UNPROVEN", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "scope": "UNCHANGED", "temporalScore": 5.5, "temporalSeverity": "MEDIUM", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AC:H/PR:L/A:N/C:H/I:H/S:U/UI:N/AV:L/E:U/RL:O/RC:C", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "description": "Gain Privileges", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-07-08T17:45:24", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.ibm.com/support/pages/node/6601729" }, { "name": "ibm-sam-cve202222465-priv-escalation (225082)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225082" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2022-07-06T00:00:00", "ID": "CVE-2022-22465", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Security Verify Access", "version": { "version_data": [ { "version_value": "10.0.2.0" }, { "version_value": "10.0.0.0" }, { "version_value": "10.0.1.0" }, { "version_value": "10.0.3.0" } ] } } ] }, "vendor_name": "IBM" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 could allow a local user to obtain elevated privileges due to improper access permissions. IBM X-Force ID: 225082." } ] }, "impact": { "cvssv3": { "BM": { "A": "N", "AC": "H", "AV": "L", "C": "H", "I": "H", "PR": "L", "S": "U", "UI": "N" }, "TM": { "E": "U", "RC": "C", "RL": "O" } } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Gain Privileges" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.ibm.com/support/pages/node/6601729", "refsource": "CONFIRM", "title": "IBM Security Bulletin 6601729 (Security Verify Access)", "url": "https://www.ibm.com/support/pages/node/6601729" }, { "name": "ibm-sam-cve202222465-priv-escalation (225082)", "refsource": "XF", "title": "X-Force Vulnerability Report", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225082" } ] } } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2022-22465", "datePublished": "2022-07-08T17:45:24.113826Z", "dateReserved": "2022-01-03T00:00:00", "dateUpdated": "2024-09-17T00:21:39.697Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-22464
Vulnerability from cvelistv5
Published
2022-07-08 17:45
Modified
2024-09-16 18:08
Severity ?
EPSS score ?
Summary
IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225081.
References
▼ | URL | Tags |
---|---|---|
https://www.ibm.com/support/pages/node/6601729 | x_refsource_CONFIRM | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/225081 | vdb-entry, x_refsource_XF |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | IBM | Security Verify Access |
Version: 10.0.2.0 Version: 10.0.0.0 Version: 10.0.1.0 Version: 10.0.3.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:14:55.207Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/6601729" }, { "name": "ibm-sam-cve202222464-info-disc (225081)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225081" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Security Verify Access", "vendor": "IBM", "versions": [ { "status": "affected", "version": "10.0.2.0" }, { "status": "affected", "version": "10.0.0.0" }, { "status": "affected", "version": "10.0.1.0" }, { "status": "affected", "version": "10.0.3.0" } ] } ], "datePublic": "2022-07-06T00:00:00", "descriptions": [ { "lang": "en", "value": "IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225081." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitCodeMaturity": "UNPROVEN", "integrityImpact": "NONE", "privilegesRequired": "NONE", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "scope": "UNCHANGED", "temporalScore": 5.2, "temporalSeverity": "MEDIUM", "userInteraction": "NONE", "vectorString": "CVSS:3.0/I:N/UI:N/S:U/AV:N/AC:H/A:N/PR:N/C:H/RL:O/RC:C/E:U", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "description": "Obtain Information", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-07-08T17:45:22", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.ibm.com/support/pages/node/6601729" }, { "name": "ibm-sam-cve202222464-info-disc (225081)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225081" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2022-07-06T00:00:00", "ID": "CVE-2022-22464", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Security Verify Access", "version": { "version_data": [ { "version_value": "10.0.2.0" }, { "version_value": "10.0.0.0" }, { "version_value": "10.0.1.0" }, { "version_value": "10.0.3.0" } ] } } ] }, "vendor_name": "IBM" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225081." } ] }, "impact": { "cvssv3": { "BM": { "A": "N", "AC": "H", "AV": "N", "C": "H", "I": "N", "PR": "N", "S": "U", "UI": "N" }, "TM": { "E": "U", "RC": "C", "RL": "O" } } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Obtain Information" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.ibm.com/support/pages/node/6601729", "refsource": "CONFIRM", "title": "IBM Security Bulletin 6601729 (Security Verify Access)", "url": "https://www.ibm.com/support/pages/node/6601729" }, { "name": "ibm-sam-cve202222464-info-disc (225081)", "refsource": "XF", "title": "X-Force Vulnerability Report", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225081" } ] } } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2022-22464", "datePublished": "2022-07-08T17:45:22.650659Z", "dateReserved": "2022-01-03T00:00:00", "dateUpdated": "2024-09-16T18:08:16.372Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-22370
Vulnerability from cvelistv5
Published
2022-07-08 17:45
Modified
2024-09-16 16:33
Severity ?
EPSS score ?
Summary
IBM Security Verify Access 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 221194.
References
▼ | URL | Tags |
---|---|---|
https://www.ibm.com/support/pages/node/6601725 | x_refsource_CONFIRM | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/221194 | vdb-entry, x_refsource_XF |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | IBM | Security Verify Access |
Version: 10.0.2.0 Version: 10.0.0.0 Version: 10.0.1.0 Version: 10.0.3.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:14:54.990Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/6601725" }, { "name": "ibm-sva-cve202222370-xss (221194)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/221194" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Security Verify Access", "vendor": "IBM", "versions": [ { "status": "affected", "version": "10.0.2.0" }, { "status": "affected", "version": "10.0.0.0" }, { "status": "affected", "version": "10.0.1.0" }, { "status": "affected", "version": "10.0.3.0" } ] } ], "datePublic": "2022-07-06T00:00:00", "descriptions": [ { "lang": "en", "value": "IBM Security Verify Access 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 221194." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitCodeMaturity": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "scope": "CHANGED", "temporalScore": 5.2, "temporalSeverity": "MEDIUM", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/A:N/PR:L/AC:L/C:L/S:C/UI:R/I:L/AV:N/RL:O/RC:C/E:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "description": "Cross-Site Scripting", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-07-08T17:45:19", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.ibm.com/support/pages/node/6601725" }, { "name": "ibm-sva-cve202222370-xss (221194)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/221194" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2022-07-06T00:00:00", "ID": "CVE-2022-22370", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Security Verify Access", "version": { "version_data": [ { "version_value": "10.0.2.0" }, { "version_value": "10.0.0.0" }, { "version_value": "10.0.1.0" }, { "version_value": "10.0.3.0" } ] } } ] }, "vendor_name": "IBM" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "IBM Security Verify Access 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 221194." } ] }, "impact": { "cvssv3": { "BM": { "A": "N", "AC": "L", "AV": "N", "C": "L", "I": "L", "PR": "L", "S": "C", "UI": "R" }, "TM": { "E": "H", "RC": "C", "RL": "O" } } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Cross-Site Scripting" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.ibm.com/support/pages/node/6601725", "refsource": "CONFIRM", "title": "IBM Security Bulletin 6601725 (Security Verify Access)", "url": "https://www.ibm.com/support/pages/node/6601725" }, { "name": "ibm-sva-cve202222370-xss (221194)", "refsource": "XF", "title": "X-Force Vulnerability Report", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/221194" } ] } } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2022-22370", "datePublished": "2022-07-08T17:45:19.536069Z", "dateReserved": "2022-01-03T00:00:00", "dateUpdated": "2024-09-16T16:33:20.269Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-23308
Vulnerability from cvelistv5
Published
2022-02-26 00:00
Modified
2024-08-03 03:36
Severity ?
EPSS score ?
Summary
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:36:20.420Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FEDORA-2022-050c712ed7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF/" }, { "name": "[debian-lts-announce] 20220408 [SECURITY] [DLA 2972-1] libxml2 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html" }, { "name": "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/May/33" }, { "name": "20220516 APPLE-SA-2022-05-16-6 tvOS 15.5", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/May/37" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "name": "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/May/38" }, { "name": "20220516 APPLE-SA-2022-05-16-5 watchOS 8.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/May/36" }, { "name": "20220516 APPLE-SA-2022-05-16-1 iOS 15.5 and iPadOS 15.5", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/May/34" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213257" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213256" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213255" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS" }, { "tags": [ "x_transferred" ], "url": "https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220331-0008/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213253" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213258" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213254" }, { "name": "GLSA-202210-03", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202210-03" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-16T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "FEDORA-2022-050c712ed7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF/" }, { "name": "[debian-lts-announce] 20220408 [SECURITY] [DLA 2972-1] libxml2 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html" }, { "name": "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/May/33" }, { "name": "20220516 APPLE-SA-2022-05-16-6 tvOS 15.5", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/May/37" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "name": "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/May/38" }, { "name": "20220516 APPLE-SA-2022-05-16-5 watchOS 8.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/May/36" }, { "name": "20220516 APPLE-SA-2022-05-16-1 iOS 15.5 and iPadOS 15.5", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/May/34" }, { "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "url": "https://support.apple.com/kb/HT213257" }, { "url": "https://support.apple.com/kb/HT213256" }, { "url": "https://support.apple.com/kb/HT213255" }, { "url": "https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS" }, { "url": "https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e" }, { "url": "https://security.netapp.com/advisory/ntap-20220331-0008/" }, { "url": "https://support.apple.com/kb/HT213253" }, { "url": "https://support.apple.com/kb/HT213258" }, { "url": "https://support.apple.com/kb/HT213254" }, { "name": "GLSA-202210-03", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202210-03" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-23308", "datePublished": "2022-02-26T00:00:00", "dateReserved": "2022-01-17T00:00:00", "dateUpdated": "2024-08-03T03:36:20.420Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-28196
Vulnerability from cvelistv5
Published
2020-11-06 07:07
Modified
2024-08-04 16:33
Severity ?
EPSS score ?
Summary
MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T16:33:58.154Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "[debian-lts-announce] 20201107 [SECURITY] [DLA 2437-1] krb5 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00011.html" }, { "name": "FEDORA-2020-32193cbbe6", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/73IGOG6CZAVMVNS4GGRMOLOZ7B6QVA7F/" }, { "name": "FEDORA-2020-27b577ab23", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KPH2V3WSQTELROZK3GFCPQDOFLKIZ6H5/" }, { "name": "GLSA-202011-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202011-17" }, { "name": "FEDORA-2020-0df38b2843", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45KKOZQWIIIW5C45PJVGQ32AXBSYNBE7/" }, { "name": "DSA-4795", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2020/dsa-4795" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210513-0002/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/krb5/krb5/commit/57415dda6cf04e73ffc3723be518eddfae599bfd" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20201202-0001/" }, { "name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-04-19T23:22:37", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "[debian-lts-announce] 20201107 [SECURITY] [DLA 2437-1] krb5 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00011.html" }, { "name": "FEDORA-2020-32193cbbe6", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/73IGOG6CZAVMVNS4GGRMOLOZ7B6QVA7F/" }, { "name": "FEDORA-2020-27b577ab23", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KPH2V3WSQTELROZK3GFCPQDOFLKIZ6H5/" }, { "name": "GLSA-202011-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202011-17" }, { "name": "FEDORA-2020-0df38b2843", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45KKOZQWIIIW5C45PJVGQ32AXBSYNBE7/" }, { "name": "DSA-4795", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2020/dsa-4795" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210513-0002/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/krb5/krb5/commit/57415dda6cf04e73ffc3723be518eddfae599bfd" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20201202-0001/" }, { "name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-28196", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "[debian-lts-announce] 20201107 [SECURITY] [DLA 2437-1] krb5 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00011.html" }, { "name": "FEDORA-2020-32193cbbe6", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/73IGOG6CZAVMVNS4GGRMOLOZ7B6QVA7F/" }, { "name": "FEDORA-2020-27b577ab23", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KPH2V3WSQTELROZK3GFCPQDOFLKIZ6H5/" }, { "name": "GLSA-202011-17", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202011-17" }, { "name": "FEDORA-2020-0df38b2843", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/45KKOZQWIIIW5C45PJVGQ32AXBSYNBE7/" }, { "name": "DSA-4795", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2020/dsa-4795" }, { "name": "https://www.oracle.com/security-alerts/cpuApr2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "name": "https://security.netapp.com/advisory/ntap-20210513-0002/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210513-0002/" }, { "name": "https://github.com/krb5/krb5/commit/57415dda6cf04e73ffc3723be518eddfae599bfd", "refsource": "CONFIRM", "url": "https://github.com/krb5/krb5/commit/57415dda6cf04e73ffc3723be518eddfae599bfd" }, { "name": "https://security.netapp.com/advisory/ntap-20201202-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20201202-0001/" }, { "name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E" }, { "name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E" }, { "name": "https://www.oracle.com//security-alerts/cpujul2021.html", "refsource": "MISC", "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-28196", "datePublished": "2020-11-06T07:07:38", "dateReserved": "2020-11-03T00:00:00", "dateUpdated": "2024-08-04T16:33:58.154Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2010-1323
Vulnerability from cvelistv5
Published
2010-12-02 16:00
Modified
2024-08-07 01:21
Severity ?
EPSS score ?
Summary
MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center (KDC), or forge a KRB-SAFE message via certain checksums that (1) are unkeyed or (2) use RC4 keys.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T01:21:18.474Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2012:0042", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.html" }, { "name": "ADV-2010-3094", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3094" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" }, { "name": "MDVSA-2010:246", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:246" }, { "name": "FEDORA-2010-18425", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051999.html" }, { "name": "45118", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/45118" }, { "name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://kb.vmware.com/kb/1035108" }, { "name": "46397", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/46397" }, { "name": "ADV-2010-3118", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3118" }, { "name": "SSRT100495", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=130497213107107\u0026w=2" }, { "name": "oval:org.mitre.oval:def:12121", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12121" }, { "name": "ADV-2011-0187", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2011/0187" }, { "name": "MDVSA-2010:245", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:245" }, { "name": "69610", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/69610" }, { "name": "20101130 MITKRB5-SA-2010-007 Multiple checksum handling vulnerabilities [CVE-2010-1324 CVE-2010-1323 CVE-2010-4020 CVE-2010-4021]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/514953/100/0/threaded" }, { "name": "RHSA-2010:0926", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0926.html" }, { "name": "SUSE-SR:2010:023", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/security/advisories/VMSA-2011-0007.html" }, { "name": "APPLE-SA-2011-03-21-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" }, { "name": "42420", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42420" }, { "name": "HPSBUX02623", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=129562442714657\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt" }, { "name": "SSRT100355", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=129562442714657\u0026w=2" }, { "name": "ADV-2010-3095", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3095" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html" }, { "name": "ADV-2010-3101", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3101" }, { "name": "42399", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42399" }, { "name": "SUSE-SU-2012:0010", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.html" }, { "name": "[security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.vmware.com/pipermail/security-announce/2011/000133.html" }, { "name": "1024803", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1024803" }, { "name": "20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/517739/100/0/threaded" }, { "name": "FEDORA-2010-18409", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051976.html" }, { "name": "SUSE-SR:2010:024", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "name": "RHSA-2010:0925", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0925.html" }, { "name": "USN-1030-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1030-1" }, { "name": "HPSBOV02682", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=130497213107107\u0026w=2" }, { "name": "43015", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/43015" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4581" }, { "name": "DSA-2129", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-2129" }, { "name": "42436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42436" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-11-30T00:00:00", "descriptions": [ { "lang": "en", "value": "MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center (KDC), or forge a KRB-SAFE message via certain checksums that (1) are unkeyed or (2) use RC4 keys." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-10T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "SUSE-SU-2012:0042", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.html" }, { "name": "ADV-2010-3094", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3094" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" }, { "name": "MDVSA-2010:246", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:246" }, { "name": "FEDORA-2010-18425", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051999.html" }, { "name": "45118", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/45118" }, { "name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://kb.vmware.com/kb/1035108" }, { "name": "46397", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/46397" }, { "name": "ADV-2010-3118", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3118" }, { "name": "SSRT100495", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=130497213107107\u0026w=2" }, { "name": "oval:org.mitre.oval:def:12121", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12121" }, { "name": "ADV-2011-0187", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2011/0187" }, { "name": "MDVSA-2010:245", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:245" }, { "name": "69610", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/69610" }, { "name": "20101130 MITKRB5-SA-2010-007 Multiple checksum handling vulnerabilities [CVE-2010-1324 CVE-2010-1323 CVE-2010-4020 CVE-2010-4021]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/514953/100/0/threaded" }, { "name": "RHSA-2010:0926", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0926.html" }, { "name": "SUSE-SR:2010:023", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/security/advisories/VMSA-2011-0007.html" }, { "name": "APPLE-SA-2011-03-21-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" }, { "name": "42420", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42420" }, { "name": "HPSBUX02623", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=129562442714657\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt" }, { "name": "SSRT100355", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=129562442714657\u0026w=2" }, { "name": "ADV-2010-3095", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3095" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html" }, { "name": "ADV-2010-3101", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3101" }, { "name": "42399", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42399" }, { "name": "SUSE-SU-2012:0010", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.html" }, { "name": "[security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.vmware.com/pipermail/security-announce/2011/000133.html" }, { "name": "1024803", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1024803" }, { "name": "20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/517739/100/0/threaded" }, { "name": "FEDORA-2010-18409", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051976.html" }, { "name": "SUSE-SR:2010:024", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "name": "RHSA-2010:0925", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0925.html" }, { "name": "USN-1030-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1030-1" }, { "name": "HPSBOV02682", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=130497213107107\u0026w=2" }, { "name": "43015", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/43015" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4581" }, { "name": "DSA-2129", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-2129" }, { "name": "42436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42436" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-1323", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center (KDC), or forge a KRB-SAFE message via certain checksums that (1) are unkeyed or (2) use RC4 keys." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2012:0042", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.html" }, { "name": "ADV-2010-3094", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/3094" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" }, { "name": "MDVSA-2010:246", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:246" }, { "name": "FEDORA-2010-18425", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051999.html" }, { "name": "45118", "refsource": "BID", "url": "http://www.securityfocus.com/bid/45118" }, { "name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded" }, { "name": "http://kb.vmware.com/kb/1035108", "refsource": "CONFIRM", "url": "http://kb.vmware.com/kb/1035108" }, { "name": "46397", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/46397" }, { "name": "ADV-2010-3118", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/3118" }, { "name": "SSRT100495", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=130497213107107\u0026w=2" }, { "name": "oval:org.mitre.oval:def:12121", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12121" }, { "name": "ADV-2011-0187", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0187" }, { "name": "MDVSA-2010:245", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:245" }, { "name": "69610", "refsource": "OSVDB", "url": "http://osvdb.org/69610" }, { "name": "20101130 MITKRB5-SA-2010-007 Multiple checksum handling vulnerabilities [CVE-2010-1324 CVE-2010-1323 CVE-2010-4020 CVE-2010-4021]", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/514953/100/0/threaded" }, { "name": "RHSA-2010:0926", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2010-0926.html" }, { "name": "SUSE-SR:2010:023", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html" }, { "name": "http://www.vmware.com/security/advisories/VMSA-2011-0007.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2011-0007.html" }, { "name": "APPLE-SA-2011-03-21-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" }, { "name": "42420", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/42420" }, { "name": "HPSBUX02623", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=129562442714657\u0026w=2" }, { "name": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt", "refsource": "CONFIRM", "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt" }, { "name": "SSRT100355", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=129562442714657\u0026w=2" }, { "name": "ADV-2010-3095", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/3095" }, { "name": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html" }, { "name": "ADV-2010-3101", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/3101" }, { "name": "42399", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/42399" }, { "name": "SUSE-SU-2012:0010", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.html" }, { "name": "[security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", "refsource": "MLIST", "url": "http://lists.vmware.com/pipermail/security-announce/2011/000133.html" }, { "name": "1024803", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1024803" }, { "name": "20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/517739/100/0/threaded" }, { "name": "FEDORA-2010-18409", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051976.html" }, { "name": "SUSE-SR:2010:024", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "name": "RHSA-2010:0925", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2010-0925.html" }, { "name": "USN-1030-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1030-1" }, { "name": "HPSBOV02682", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=130497213107107\u0026w=2" }, { "name": "43015", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43015" }, { "name": "http://support.apple.com/kb/HT4581", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4581" }, { "name": "DSA-2129", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2010/dsa-2129" }, { "name": "42436", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/42436" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-1323", "datePublished": "2010-12-02T16:00:00", "dateReserved": "2010-04-08T00:00:00", "dateUpdated": "2024-08-07T01:21:18.474Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3712
Vulnerability from cvelistv5
Published
2021-08-24 14:50
Modified
2024-09-16 20:32
Severity ?
EPSS score ?
Summary
ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own "d2i" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the "data" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:01:08.180Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.openssl.org/news/secadv/20210824.txt" }, { "tags": [ "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=94d23fcff9b2a7a8368dfe52214d5c2569882c11" }, { "tags": [ "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ccb0a11145ee72b042d10593a64eaf9e8a55ec12" }, { "name": "DSA-4963", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-4963" }, { "name": "[tomcat-dev] 20210825 OpenSSL security announcement - do we need a Tomcat Native release?", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e%40%3Cdev.tomcat.apache.org%3E" }, { "name": "[oss-security] 20210825 OpenSSL SM2 Decryption Buffer Overflow (CVE-2021-3711), Read buffer overruns processing ASN.1 strings (CVE-2021-3712)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/08/26/2" }, { "name": "[tomcat-dev] 20210826 Re: OpenSSL security announcement - do we need a Tomcat Native release?", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1%40%3Cdev.tomcat.apache.org%3E" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210827-0010/" }, { "name": "[debian-lts-announce] 20210926 [SECURITY] [DLA 2766-1] openssl security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html" }, { "name": "[debian-lts-announce] 20210930 [SECURITY] [DLA 2774-1] openssl1.0 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "tags": [ "x_transferred" ], "url": "https://www.tenable.com/security/tns-2021-16" }, { "tags": [ "x_transferred" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10366" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_transferred" ], "url": "https://www.tenable.com/security/tns-2022-02" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf" }, { "name": "GLSA-202209-02", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202209-02" }, { "name": "GLSA-202210-02", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202210-02" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "OpenSSL", "vendor": "OpenSSL", "versions": [ { "status": "affected", "version": "Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k)" }, { "status": "affected", "version": "Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y)" } ] } ], "credits": [ { "lang": "en", "value": "Ingo Schwarze" } ], "datePublic": "2021-08-24T00:00:00", "descriptions": [ { "lang": "en", "value": "ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL\u0027s own \"d2i\" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the \"data\" and \"length\" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the \"data\" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y)." } ], "metrics": [ { "other": { "content": { "lang": "eng", "url": "https://www.openssl.org/policies/secpolicy.html#Moderate", "value": "Moderate" }, "type": "unknown" } } ], "problemTypes": [ { "descriptions": [ { "description": "Buffer overflow", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-21T19:07:21.902973", "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "shortName": "openssl" }, "references": [ { "url": "https://www.openssl.org/news/secadv/20210824.txt" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=94d23fcff9b2a7a8368dfe52214d5c2569882c11" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ccb0a11145ee72b042d10593a64eaf9e8a55ec12" }, { "name": "DSA-4963", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2021/dsa-4963" }, { "name": "[tomcat-dev] 20210825 OpenSSL security announcement - do we need a Tomcat Native release?", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e%40%3Cdev.tomcat.apache.org%3E" }, { "name": "[oss-security] 20210825 OpenSSL SM2 Decryption Buffer Overflow (CVE-2021-3711), Read buffer overruns processing ASN.1 strings (CVE-2021-3712)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2021/08/26/2" }, { "name": "[tomcat-dev] 20210826 Re: OpenSSL security announcement - do we need a Tomcat Native release?", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1%40%3Cdev.tomcat.apache.org%3E" }, { "url": "https://security.netapp.com/advisory/ntap-20210827-0010/" }, { "name": "[debian-lts-announce] 20210926 [SECURITY] [DLA 2766-1] openssl security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html" }, { "name": "[debian-lts-announce] 20210930 [SECURITY] [DLA 2774-1] openssl1.0 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html" }, { "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "url": "https://www.tenable.com/security/tns-2021-16" }, { "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10366" }, { "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "url": "https://www.tenable.com/security/tns-2022-02" }, { "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf" }, { "name": "GLSA-202209-02", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202209-02" }, { "name": "GLSA-202210-02", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202210-02" }, { "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "title": "Read buffer overruns processing ASN.1 strings" } }, "cveMetadata": { "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "assignerShortName": "openssl", "cveId": "CVE-2021-3712", "datePublished": "2021-08-24T14:50:14.704334Z", "dateReserved": "2021-08-16T00:00:00", "dateUpdated": "2024-09-16T20:32:42.201Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2010-4020
Vulnerability from cvelistv5
Published
2010-12-02 16:00
Modified
2024-08-07 03:26
Severity ?
EPSS score ?
Summary
MIT Kerberos 5 (aka krb5) 1.8.x through 1.8.3 does not reject RC4 key-derivation checksums, which might allow remote authenticated users to forge a (1) AD-SIGNEDPATH or (2) AD-KDC-ISSUED signature, and possibly gain privileges, by leveraging the small key space that results from certain one-byte stream-cipher operations.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T03:26:12.249Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ADV-2010-3094", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3094" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" }, { "name": "MDVSA-2010:246", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:246" }, { "name": "FEDORA-2010-18425", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051999.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://kb.vmware.com/kb/1035108" }, { "name": "ADV-2010-3118", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3118" }, { "name": "20101130 MITKRB5-SA-2010-007 Multiple checksum handling vulnerabilities [CVE-2010-1324 CVE-2010-1323 CVE-2010-4020 CVE-2010-4021]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/514953/100/0/threaded" }, { "name": "SUSE-SR:2010:023", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/security/advisories/VMSA-2011-0007.html" }, { "name": "APPLE-SA-2011-03-21-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt" }, { "name": "ADV-2010-3095", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3095" }, { "name": "42399", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42399" }, { "name": "[security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.vmware.com/pipermail/security-announce/2011/000133.html" }, { "name": "1024803", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1024803" }, { "name": "20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/517739/100/0/threaded" }, { "name": "FEDORA-2010-18409", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051976.html" }, { "name": "SUSE-SR:2010:024", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "name": "RHSA-2010:0925", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0925.html" }, { "name": "USN-1030-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1030-1" }, { "name": "69608", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/69608" }, { "name": "45117", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/45117" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4581" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-11-30T00:00:00", "descriptions": [ { "lang": "en", "value": "MIT Kerberos 5 (aka krb5) 1.8.x through 1.8.3 does not reject RC4 key-derivation checksums, which might allow remote authenticated users to forge a (1) AD-SIGNEDPATH or (2) AD-KDC-ISSUED signature, and possibly gain privileges, by leveraging the small key space that results from certain one-byte stream-cipher operations." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-10T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "ADV-2010-3094", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3094" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" }, { "name": "MDVSA-2010:246", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:246" }, { "name": "FEDORA-2010-18425", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051999.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://kb.vmware.com/kb/1035108" }, { "name": "ADV-2010-3118", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3118" }, { "name": "20101130 MITKRB5-SA-2010-007 Multiple checksum handling vulnerabilities [CVE-2010-1324 CVE-2010-1323 CVE-2010-4020 CVE-2010-4021]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/514953/100/0/threaded" }, { "name": "SUSE-SR:2010:023", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/security/advisories/VMSA-2011-0007.html" }, { "name": "APPLE-SA-2011-03-21-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt" }, { "name": "ADV-2010-3095", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3095" }, { "name": "42399", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42399" }, { "name": "[security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.vmware.com/pipermail/security-announce/2011/000133.html" }, { "name": "1024803", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1024803" }, { "name": "20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/517739/100/0/threaded" }, { "name": "FEDORA-2010-18409", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051976.html" }, { "name": "SUSE-SR:2010:024", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "name": "RHSA-2010:0925", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0925.html" }, { "name": "USN-1030-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1030-1" }, { "name": "69608", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/69608" }, { "name": "45117", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/45117" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4581" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-4020", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "MIT Kerberos 5 (aka krb5) 1.8.x through 1.8.3 does not reject RC4 key-derivation checksums, which might allow remote authenticated users to forge a (1) AD-SIGNEDPATH or (2) AD-KDC-ISSUED signature, and possibly gain privileges, by leveraging the small key space that results from certain one-byte stream-cipher operations." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "ADV-2010-3094", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/3094" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" }, { "name": "MDVSA-2010:246", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:246" }, { "name": "FEDORA-2010-18425", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051999.html" }, { "name": "http://kb.vmware.com/kb/1035108", "refsource": "CONFIRM", "url": "http://kb.vmware.com/kb/1035108" }, { "name": "ADV-2010-3118", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/3118" }, { "name": "20101130 MITKRB5-SA-2010-007 Multiple checksum handling vulnerabilities [CVE-2010-1324 CVE-2010-1323 CVE-2010-4020 CVE-2010-4021]", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/514953/100/0/threaded" }, { "name": "SUSE-SR:2010:023", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html" }, { "name": "http://www.vmware.com/security/advisories/VMSA-2011-0007.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2011-0007.html" }, { "name": "APPLE-SA-2011-03-21-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" }, { "name": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt", "refsource": "CONFIRM", "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt" }, { "name": "ADV-2010-3095", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/3095" }, { "name": "42399", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/42399" }, { "name": "[security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", "refsource": "MLIST", "url": "http://lists.vmware.com/pipermail/security-announce/2011/000133.html" }, { "name": "1024803", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1024803" }, { "name": "20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/517739/100/0/threaded" }, { "name": "FEDORA-2010-18409", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051976.html" }, { "name": "SUSE-SR:2010:024", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "name": "RHSA-2010:0925", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2010-0925.html" }, { "name": "USN-1030-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1030-1" }, { "name": "69608", "refsource": "OSVDB", "url": "http://osvdb.org/69608" }, { "name": "45117", "refsource": "BID", "url": "http://www.securityfocus.com/bid/45117" }, { "name": "http://support.apple.com/kb/HT4581", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4581" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-4020", "datePublished": "2010-12-02T16:00:00", "dateReserved": "2010-10-20T00:00:00", "dateUpdated": "2024-08-07T03:26:12.249Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.