CVE-2018-16860
Last modified
CVE-2018-16860 is a vulnerability of currently unknown severity. A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and replace the user name (principal) in the request with any desired user name (principal) that exists in the KDC effectively obtaining a ticket for that principal.. EPSS estimates a 2.49% chance of exploitation in the next 30 days.
Description
A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and replace the user name (principal) in the request with any desired user name (principal) that exists in the KDC effectively obtaining a ticket for that principal.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Samba | Samba | >= 4.8.0, < 4.8.12 |
| Samba | Samba | >= 4.9.0, < 4.9.8 |
| Samba | Samba | >= 4.10.0, < 4.10.3 |
| Heimdal Project | Heimdal | >= 0.8, <= 7.5.0 |
References
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16860Issue Tracking, Third Party Advisory
- https://www.samba.org/samba/security/CVE-2018-16860.htmlMitigation, Vendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16860Issue Tracking, Third Party Advisory
- https://www.samba.org/samba/security/CVE-2018-16860.htmlMitigation, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-16860?
How severe is CVE-2018-16860?
How do I fix CVE-2018-16860?
Are you affected by CVE-2018-16860?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST