7.5

CVE-2024-26461

Exploit
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MitKerberos 5 Version1.21.2
NetappActive Iq Unified Manager Version- SwPlatformvmware_vsphere
NetappOntap 9 Version-
NetappH610c Firmware Version-
   NetappH610c Version-
NetappH610s Firmware Version-
   NetappH610s Version-
NetappH615c Firmware Version-
   NetappH615c Version-
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.13% 0.621
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-770 Allocation of Resources Without Limits or Throttling

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_2.md
Exploit
https://security.netapp.com/advisory/ntap-20240415-0011/
Third Party Advisory