CVE-2014-5354

Name: CVE-2014-5354
Creator: NVD / NIST
Published: 2014-12-16T23:59:01.247+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 1.74%

Last modified Jun 17, 2026

CVE-2014-5354 is a vulnerability of currently unknown severity. plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by creating a database entry for a keyless principal, as demonstrated by a kadmin "add_principal -nokey" or "purgekeys -all" command.. EPSS estimates a 1.74% chance of exploitation in the next 30 days.

Description

plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by creating a database entry for a keyless principal, as demonstrated by a kadmin "add_principal -nokey" or "purgekeys -all" command.

Metrics

EPSS Probability

1.74%

74.8th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Mit	Kerberos	5_1.13
Mit	Kerberos 5	1.12
Mit	Kerberos 5	1.12.1
Mit	Kerberos 5	1.12.2

References

Timeline

Published: Dec 16, 2014
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2014-5354?

How severe is CVE-2014-5354?

Severity scoring for CVE-2014-5354 is pending analysis. The EPSS model estimates a 1.74% probability of exploitation in the next 30 days.

How do I fix CVE-2014-5354?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2014-5354?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST