CVE-2018-20217 vulnerability in MIT and Other Products
Published on December 26, 2018

A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.

Vendor Advisory NVD

Products Associated with CVE-2018-20217

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2018-20217 are published in these products:

MIT Kerberos

Debian Linux

Canonical Ubuntu Linux

Exploit Probability

EPSS

4.38%

Percentile

88.76%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-20217 vulnerability in MIT and Other ProductsPublished on December 26, 2018

Products Associated with CVE-2018-20217

Exploit Probability

CVE-2018-20217 vulnerability in MIT and Other Products
Published on December 26, 2018