admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-07 05:28:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-33xx/CVE-2023-3326.json
cad-safe-bot 9c81f02373 Auto-Update: 2023-08-01T23:55:28.044540+00:00
2023-08-01 23:55:31 +00:00

190 lines
6.7 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-3326",
"sourceIdentifier": "secteam@freebsd.org",
"published": "2023-06-22T17:15:44.833",
"lastModified": "2023-08-01T23:15:30.827",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "pam_krb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket (tgt) from the Kerberos KDC (Key Distribution Center) over the network, as a way to verify the password. However, if a keytab is not provisioned on the system, pam_krb5 has no way to validate the response from the KDC, and essentially trusts the tgt provided over the network as being valid. In a non-default FreeBSD installation that leverages pam_krb5 for authentication and does not have a keytab provisioned, an attacker that is able to control both the password and the KDC responses can return a valid tgt, allowing authentication to occur for any user on the system.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "secteam@freebsd.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-303"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"versionEndExcluding": "12.4",
"matchCriteriaId": "A7F6C8B0-9D75-476C-ADBA-754416FBC186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.1",
"matchCriteriaId": "D79AAEBE-0D5A-4C9C-95FD-6287A53EE1C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:12.4:-:*:*:*:*:*:*",
"matchCriteriaId": "24920B4D-96C0-401F-B679-BEB086760EAF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:12.4:p1:*:*:*:*:*:*",
"matchCriteriaId": "3CE32730-A9F5-4E8D-BDA4-6B8232F84787"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:12.4:p2:*:*:*:*:*:*",
"matchCriteriaId": "552E81DE-D409-475F-8ED0-E10A0BE43D29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:12.4:rc2-p1:*:*:*:*:*:*",
"matchCriteriaId": "BA821886-B26B-47A6-ABC9-B8F70CE0ACFB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:12.4:rc2-p2:*:*:*:*:*:*",
"matchCriteriaId": "220629AD-32CC-4303-86AE-1DD27F0E4C65"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:-:*:*:*:*:*:*",
"matchCriteriaId": "DEEE6D52-27E4-438D-AE8D-7141320B5973"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:b1-p1:*:*:*:*:*:*",
"matchCriteriaId": "66364EA4-83B1-4597-8C18-D5633B361A9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:b2-p2:*:*:*:*:*:*",
"matchCriteriaId": "EF9292DD-EFB1-4B50-A941-7485D901489F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:p1:*:*:*:*:*:*",
"matchCriteriaId": "EFB18F55-4F5C-4166-9A7E-6F6617179A90"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:p2:*:*:*:*:*:*",
"matchCriteriaId": "66E1C269-841F-489A-9A0A-5D145B417E0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:p3:*:*:*:*:*:*",
"matchCriteriaId": "ECF1B567-F764-45F5-A793-BEA93720F952"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:p4:*:*:*:*:*:*",
"matchCriteriaId": "DAFE3F33-2C57-4B52-B658-82572607BD8C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:p5:*:*:*:*:*:*",
"matchCriteriaId": "C925DF75-2785-44BD-91CA-66D29C296689"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:p6:*:*:*:*:*:*",
"matchCriteriaId": "BCE2DAEC-81A5-49E9-B7E7-4F143FA6B3F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:p7:*:*:*:*:*:*",
"matchCriteriaId": "7725D503-1437-4F90-B30C-007193D5F0E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:rc1-p1:*:*:*:*:*:*",
"matchCriteriaId": "B536EE52-ED49-4A85-BC9D-A27828D5A961"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:-:*:*:*:*:*:*",
"matchCriteriaId": "A87EFA20-DD6B-41C5-98FD-A29F67D2E732"
}
]
}
]
}
],
"references": [
{
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-23:04.pam_krb5.asc",
"source": "secteam@freebsd.org",
"tags": [
"Mitigation",
"Vendor Advisory"
]
},
{
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-23:09.pam_krb5.asc",
"source": "secteam@freebsd.org"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230714-0005/",
"source": "secteam@freebsd.org",
"tags": [
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink