V
Scaner-VS
ENRU
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
Back to catalog
BDU:2023-03437
BDU
High

Уязвимость реализации сетевого протокола Kerberos операционных систем Debian GNU/Linux, Red Hat Enterprise Linux, Ubuntu, Fedora, Альт 8 СП…

CVSS
7.5
High
EPSS
0.00
p0
Published
2023-01-01
Updated
2023-01-01
Description

Уязвимость реализации сетевого протокола Kerberos операционных систем Debian GNU/Linux, Red Hat Enterprise Linux, Ubuntu, Fedora, Альт 8 СП связана с неконтролируемой рекурсией. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать отказ в обслуживании

Tags · CWE
Pre-auth
Affected products
Broadcom inc. Vmware esxiBroadcom inc. Vmware esxiBroadcom inc. Vmware esxiBroadcom inc. Vmware esxiBroadcom inc. Vmware esxiBroadcom inc. Vmware esxiBroadcom inc. Vmware esxiBroadcom inc. Vmware esxiBroadcom inc. Vmware esxiBroadcom inc. Vmware esxiBroadcom inc. Vmware esxiBroadcom inc. Vmware esxiBroadcom inc. Vmware esxiBroadcom inc. Vmware esxiBroadcom inc. Vmware esxiBroadcom inc. Vmware esxiBroadcom inc. Vmware esxiBroadcom inc. Vmware esxiBroadcom inc. Vmware esxiBroadcom inc. Vmware esxi
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Timeline
2023-01-01
Published
2023-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: L
Low (L)
Privileges Required
PR: N
None (N)
User Interaction
UI: N
None (N)
Scope
S: U
Unchanged (U)
Confidentiality Impact
C: N
None (N)
Integrity Impact
I: N
None (N)
Availability Impact
A: H
High (H)
Exploit indicators
EPSS
0.000 · p0
Known exploited (KEV)
No
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Affected products
Red Hat
Red Hat Virtualization
Oracle
Mysql ServerCommunications Cloud Native Core PolicyCommunications Pricing Design CenterOracle Communications Offline Mediation Controller
Нтц Ит Роса
Rosa Virtualization
Broadcom
Vmware Esxi
Mit
Kerberos
ProductVendorStatus
vmware esxibroadcom inc.Tracked
vmware esxibroadcom inc.Tracked
vmware esxibroadcom inc.Tracked
vmware esxibroadcom inc.Tracked
vmware esxibroadcom inc.Tracked
vmware esxibroadcom inc.Tracked
vmware esxibroadcom inc.Tracked
vmware esxibroadcom inc.Tracked
vmware esxibroadcom inc.Tracked
vmware esxibroadcom inc.Tracked
vmware esxibroadcom inc.Tracked
vmware esxibroadcom inc.Tracked
vmware esxibroadcom inc.Tracked
vmware esxibroadcom inc.Tracked
vmware esxibroadcom inc.Tracked
vmware esxibroadcom inc.Tracked
vmware esxibroadcom inc.Tracked
vmware esxibroadcom inc.Tracked
vmware esxibroadcom inc.Tracked
vmware esxibroadcom inc.Tracked
Showing first 20 of 160
Source databases
BDU
Related vulnerabilities
CVE-2020-28196
External references
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-28196@https://github.com/krb5/krb5/commit/57415dda6cf04e73ffc3723be518eddfae599bfd@https://www.oracle.com/security-alerts/cpujul2021.html@https://www.oracle.com/security-alerts/cpuapr2021.html@https://www.oracle.com/security-alerts/cpuapr2022.html@https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KPH2V3WSQTELROZK3GFCPQDOFLKIZ6H5/@https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/73IGOG6CZAVMVNS4GGRMOLOZ7B6QVA7F/@https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/45KKOZQWIIIW5C45PJVGQ32AXBSYNBE7/@https://cve.basealt.ru/@https://security-tracker.debian.org/tracker/CVE-2020-28196@https://access.redhat.com/security/cve/CVE-2020-28196@https://ubuntu.com/security/notices/USN-4635-1@https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.1/@https://docs.vmware.com/en/VMware-vSphere/8.0/rn/vsphere-esxi-80b-release-notes/index.html@https://docs.vmware.com/en/VMware-vSphere/7.0/rn/vsphere-esxi-70u3i-release-notes.html@https://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023@https://abf.rosa.ru/advisories/ROSA-SA-2025-2879@https://wiki.astralinux.ru/astra-linux-se16-bulletin-20251225SE16