CVE-2025-3576

EPSS 0.23%
Veröffentlicht 15.04.2025 05:55:26
Zuletzt bearbeitet 12.05.2026 13:17:18
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

Krb5: kerberos rc4-hmac-md5 checksum vulnerability enabling message spoofing via md5 collisions

A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 19

CNA 11 VulnDex Vulnerability Enrichment 3

Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)

HerstellerSiemens

≫

Produkt RUGGEDCOM ROX MX5000

Default Statusunknown

Version 0

Version < V2.17.1

Status affected

HerstellerSiemens

≫

Produkt RUGGEDCOM ROX MX5000RE

Default Statusunknown

Version 0

Version < V2.17.1

Status affected

HerstellerSiemens

≫

Produkt RUGGEDCOM ROX RX1400

Default Statusunknown

Version 0

Version < V2.17.1

Status affected

HerstellerSiemens

≫

Produkt RUGGEDCOM ROX RX1500

Default Statusunknown

Version 0

Version < V2.17.1

Status affected

HerstellerSiemens

≫

Produkt RUGGEDCOM ROX RX1501

Default Statusunknown

Version 0

Version < V2.17.1

Status affected

HerstellerSiemens

≫

Produkt RUGGEDCOM ROX RX1510

Default Statusunknown

Version 0

Version < V2.17.1

Status affected

HerstellerSiemens

≫

Produkt RUGGEDCOM ROX RX1511

Default Statusunknown

Version 0

Version < V2.17.1

Status affected

HerstellerSiemens

≫

Produkt RUGGEDCOM ROX RX1512

Default Statusunknown

Version 0

Version < V2.17.1

Status affected

HerstellerSiemens

≫

Produkt RUGGEDCOM ROX RX1524

Default Statusunknown

Version 0

Version < V2.17.1

Status affected

HerstellerSiemens

≫

Produkt RUGGEDCOM ROX RX1536

Default Statusunknown

Version 0

Version < V2.17.1

Status affected

HerstellerSiemens

≫

Produkt RUGGEDCOM ROX RX5000

Default Statusunknown

Version 0

Version < V2.17.1

Status affected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.23%	0.458

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
secalert@redhat.com	5.9	2.2	3.6	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-328 Use of Weak Hash

The product uses an algorithm that produces a digest (output value) that does not meet security expectations for a hash function that allows an adversary to reasonably determine the original input (preimage attack), find another input that can produce the same hash (2nd preimage attack), or find multiple inputs that evaluate to the same hash (birthday attack).

https://access.redhat.com/security/cve/CVE-2025-3576

https://bugzilla.redhat.com/show_bug.cgi?id=2359465

https://lists.debian.org/debian-lts-announce/2025/05/msg00047.html

https://access.redhat.com/errata/RHSA-2025:8411

https://access.redhat.com/errata/RHSA-2025:9418

https://access.redhat.com/errata/RHSA-2025:9430

https://access.redhat.com/errata/RHSA-2025:11487

https://web.mit.edu/kerberos/krb5-1.22/krb5-1.22.html

https://access.redhat.com/errata/RHSA-2025:13664

https://access.redhat.com/errata/RHSA-2025:13777

https://access.redhat.com/errata/RHSA-2025:15000

https://access.redhat.com/errata/RHSA-2025:15002