CVE-2024-37370

ADVISORY - nist

Summary

In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.

EPSS Score⁠: 0.0009 (0.266)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-345⁠

Insufficient Verification of Data Authenticity

Impacted images

Advisories

NIST

CREATED

1 year ago

UPDATED

4 months ago

ADVISORY IDCVE-2024-37370⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-345⁠

CVSS SCORE

7.5high

Alpine

CREATED

1 year ago

UPDATED

4 months ago

ADVISORY IDCVE-2024-37370⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

1 year ago

UPDATED

4 months ago

ADVISORY IDCVE-2024-37370⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

1 year ago

UPDATED

4 months ago

ADVISORY IDCVE-2024-37370⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5medium

Alma

CREATED

11 months ago

UPDATED

11 months ago

ADVISORY IDALSA-2024:5312⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Alma

CREATED

10 months ago

UPDATED

10 months ago

ADVISORY IDALSA-2024:6166⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDALAS2-2024-2595⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

11 months ago

UPDATED

11 months ago

ADVISORY IDALAS2023-2024-688⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Red Hat

CREATED

1 year ago

UPDATED

4 months ago

ADVISORY IDCVE-2024-37370⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5medium

Rocky

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY IDRLSA-2024:5312⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Oracle

CREATED

9 months ago

UPDATED

9 months ago

ADVISORY IDELSA-2024-5076⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Oracle

CREATED

11 months ago

UPDATED

11 months ago

ADVISORY IDELSA-2024-5312⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Oracle

CREATED

10 months ago

UPDATED

10 months ago

ADVISORY IDELSA-2024-6166⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium