Krb5 Authentication Bypass in LDAP Kerberos Database by MIT
CVE-2018-5730
3.8 LOW
What is CVE-2018-5730?
An authenticated kadmin with permission to add principals to an LDAP Kerberos database is able to bypass a DN containership check. This is accomplished by supplying both a 'linkdn' and 'containerdn' database argument, or by providing a DN string that is a left extension of a container DN but is not hierarchically within the container DN. This vulnerability could allow for unauthorized access to sensitive data within the Kerberos infrastructure.
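The "left extension" case described above is what a containership test built on plain string-suffix matching lets through. The following is an added example, not MIT krb5 code or its fix: the function names and DNs are constructed for illustration, and both DNs are assumed to be already normalized (case, spacing, escape form).

```c
#include <stdio.h>
#include <string.h>

/* Flawed pattern: plain string-suffix match with no RDN boundary check. */
int naive_within(const char *dn, const char *container)
{
    size_t dl = strlen(dn), cl = strlen(container);
    return dl >= cl && strcmp(dn + dl - cl, container) == 0;
}

/* Boundary-aware check: the matching suffix must begin at an RDN boundary,
 * i.e. be preceded by a ',' that is not escaped by an odd run of
 * backslashes.  Assumes normalized DNs (see lead-in). */
int strict_within(const char *dn, const char *container)
{
    size_t dl = strlen(dn), cl = strlen(container), pos, bs = 0;

    if (cl == 0 || dl < cl || strcmp(dn + dl - cl, container) != 0)
        return 0;
    if (dl == cl)
        return 1;               /* the container entry itself (policy choice) */
    pos = dl - cl;              /* index where the suffix begins */
    if (dn[pos - 1] != ',')
        return 0;               /* suffix starts in the middle of a component */
    while (pos >= 2 + bs && dn[pos - 2 - bs] == '\\')
        bs++;                   /* count backslashes right before the comma */
    return bs % 2 == 0;         /* odd count: the comma is escaped data */
}

int main(void)
{
    const char *container = "cn=krb,dc=example,dc=com";   /* constructed */
    const char *dns[] = {
        "krbPrincipalName=a,cn=krb,dc=example,dc=com",     /* inside */
        "cn=a,xcn=krb,dc=example,dc=com",                  /* left extension */
        "cn=a\\,cn=krb,dc=example,dc=com",                 /* escaped comma */
    };
    for (size_t i = 0; i < sizeof dns / sizeof dns[0]; i++)
        printf("%-46s naive=%d strict=%d\n", dns[i],
               naive_within(dns[i], container), strict_within(dns[i], container));
    return 0;
}
```

A production check should compare parsed, normalized RDN sequences through the LDAP library rather than raw strings; the boundary test here only isolates the failure mode.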
