VYPR
High severity7.5NVD Advisory· Published Jun 28, 2024· Updated May 12, 2026

CVE-2024-37370

CVE-2024-37370

Description

In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

39

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.