Количество 7
Количество 7
CVE-2020-17049
A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD). To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service ticket that is not valid for delegation to force the KDC to accept it. The update addresses this vulnerability by changing how the KDC validates service tickets used with KCD.
CVE-2020-17049
A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD). To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service ticket that is not valid for delegation to force the KDC to accept it. The update addresses this vulnerability by changing how the KDC validates service tickets used with KCD.
CVE-2020-17049
Kerberos KDC Security Feature Bypass Vulnerability
GHSA-g2p3-j47p-8cwj
Kerberos Security Feature Bypass Vulnerability
ELSA-2023-2570
ELSA-2023-2570: krb5 security, bug fix, and enhancement update (MODERATE)
BDU:2020-05328
Уязвимость компонента Kerberos KDC операционных систем Windows, позволяющая нарушителю обойти существующие ограничения безопасности и получить несанкционированный доступ к приложению
ELSA-2024-0143
ELSA-2024-0143: idm:DL1 security update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-17049 A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD). To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service ticket that is not valid for delegation to force the KDC to accept it. The update addresses this vulnerability by changing how the KDC validates service tickets used with KCD. | CVSS3: 7.2 | 22% Средний | почти 5 лет назад |
 | CVE-2020-17049 A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD). To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service ticket that is not valid for delegation to force the KDC to accept it. The update addresses this vulnerability by changing how the KDC validates service tickets used with KCD. | CVSS3: 6.6 | 22% Средний | почти 5 лет назад |
 | CVE-2020-17049 Kerberos KDC Security Feature Bypass Vulnerability | CVSS3: 6.6 | 22% Средний | почти 5 лет назад |
| GHSA-g2p3-j47p-8cwj Kerberos Security Feature Bypass Vulnerability | CVSS3: 7.2 | 22% Средний | больше 3 лет назад |
| ELSA-2023-2570 ELSA-2023-2570: krb5 security, bug fix, and enhancement update (MODERATE) | больше 2 лет назад | ||
 | BDU:2020-05328 Уязвимость компонента Kerberos KDC операционных систем Windows, позволяющая нарушителю обойти существующие ограничения безопасности и получить несанкционированный доступ к приложению | CVSS3: 7.2 | 22% Средний | почти 5 лет назад |
| ELSA-2024-0143 ELSA-2024-0143: idm:DL1 security update (MODERATE) | почти 2 года назад |
Уязвимостей на страницу