VYPR
Unrated severityOSV Advisory· Published Dec 26, 2018· Updated Aug 5, 2024

CVE-2018-20217

CVE-2018-20217

Description

A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

21

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.