CVE-2018-16860
heimdal - security update
CVSS 3.1: 7.5 (HIGH)
EPSS: 1.2%
Description
A flaw was found in Samba's Heimdal KDC implementation, in versions 4.8.x before 4.8.12, 4.9.x before 4.9.8, and 4.10.x before 4.10.3, when used in AD DC mode. A man-in-the-middle attacker could use this flaw to intercept the request to the KDC and replace the user name (principal) in the request with any desired user name (principal) that exists in the KDC, effectively obtaining a ticket for that principal.
How to fix CVE-2018-16860
To remediate CVE-2018-16860, upgrade the affected package to a fixed version below.
- upgrade to 7.5.0-r4 or later
- upgrade to 4.10.3-r0 or later
- upgrade to 7.1.0+dfsg-13+deb9u3 or later
- upgrade to 7.5.0+dfsg-3 or later
- upgrade to 2:4.2.14+dfsg-0+deb8u13 or later
- upgrade to 2:4.9.5+dfsg-4 or later
- upgrade to 2:4.5.16+dfsg-1+deb9u2 or later
Is CVE-2018-16860 being exploited?
Low — EPSS is 1.2%, meaning exploitation activity has not been observed at scale.
Affected packages (7)
- from 0, < 7.5.0-r4
- from 0, < 4.10.3-r0
- from 0, < 7.1.0+dfsg-13+deb9u3
- from 0, < 7.5.0+dfsg-3
- from 0, < 2:4.2.14+dfsg-0+deb8u13
- from 0, < 2:4.9.5+dfsg-4
- from 0, < 2:4.5.16+dfsg-1+deb9u2
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH 7.5 | CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |