### [CVE-2025-3576](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3576)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Ansible%20Automation%20Platform%202&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Discovery%202&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%2010&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%206&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%207&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%208&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%208.2%20Advanced%20Update%20Support&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%208.4%20Advanced%20Mission%20Critical%20Update%20Support&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%208.4%20Extended%20Update%20Support%20Long-Life%20Add-On&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%208.6%20Advanced%20Mission%20Critical%20Update%20Support&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%208.6%20Telecommunications%20Update%20Service&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%208.6%20Update%20Services%20for%20SAP%20Solutions&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%208.8%20Telecommunications%20Update%20Service&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%208.8%20Update%20Services%20for%20SAP%20Solutions&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%209&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%209.0%20Update%20Services%20for%20SAP%20Solutions&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%209.2%20Update%20Services%20for%20SAP%20Solutions&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%209.4%20Extended%20Update%20Support&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20OpenShift%20Container%20Platform%204&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=null&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Use%20of%20Weak%20Hash&color=brightgreen)

### Description

A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/Dariani223/DevOpsFinal
- https://github.com/U7Dani/Laboratorio-Blue-Team-T-Pot-Wazuh-TheHive
- https://github.com/adegoodyer/kubernetes-admin-toolkit
- https://github.com/w4zu/Debian_security