Detections
Analytics
Alpine: multiple heimdal packages: security update to 7.5.0-r3 (deprecated)
high Tenable Self-Hosted Container Security Plugin ID 400497
Description
There are packages installed that are affected by a vulnerability referenced in the following CVE:- A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up
to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle
attacker could use this flaw to intercept the request to the KDC and replace the user name (principal) in
the request with any desired user name (principal) that exists in the KDC effectively obtaining a ticket
for that principal. (CVE-2018-16860)
See Also
https://git.alpinelinux.org/aports/commit/?id=aa2d24fab1e16e497512004aa40a11c032fcab73
https://git.alpinelinux.org/aports/commit/?id=e5bce08f307d563f1c82d22257e76bf9f0bf48fe
Plugin Details
Severity: High
ID: 400497
Version: Revision 1.22
Type: Local
Published: 8/16/2023
Updated: 1/17/2024
Supported Sensors: Agentless Assessment
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Medium
Base Score: 6
Temporal Score: 4.4
Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P
CVSS Score Source: CVE-2018-16860
CVSS v3
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
Exploit Ease: No known exploits are available
Patch Publication Date: 6/4/2019
Vulnerability Publication Date: 5/14/2019
Reference Information
CVE: CVE-2018-16860
BID: 108332