CVE-2023-3326

CRITICAL Year: 2023
CVSS v3 Score
9.8
Critical
Weakness Type
CWE-303
View all →

Vulnerability Description

pam_krb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket (tgt) from the Kerberos KDC (Key Distribution Center) over the network, as a way to verify the password. However, if a keytab is not provisioned on the system, pam_krb5 has no way to validate the response from the KDC, and essentially trusts the tgt provided over the network as being valid. In a non-default FreeBSD installation that leverages pam_krb5 for authentication and does not have a keytab provisioned, an attacker that is able to control both the password and the KDC responses can return a valid tgt, allowing authentication to occur for any user on the system.

Related Vulnerabilities

CVE-2018-4841

CRITICAL
CVSS:9.8(Critical)

A vulnerability has been identified in TIM 1531 IRC (All versions < V1.1). A remote attacker with network access to port 80/tcp or port 443/tcp could perform administrative operations on the device wi...

CWE-3032018

CVE-2021-32691

CRITICAL
CVSS:9.8(Critical)

Apollos Apps is an open source platform for launching church-related apps. In Apollos Apps versions prior to 2.20.0, new user registrations are able to access anyone's account by only knowing their ba...

CWE-3032021

CVE-2022-20923

CRITICAL
CVSS:9.8(Critical)

A vulnerability in the IPSec VPN Server authentication functionality of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to bypass authent...

CWE-3032022

CVE-2023-29129

CRITICAL
CVSS:9.8(Critical)

A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All versions >= V1.17.3 < V1.18.0), Mendix SAML (Mendix 7 compatible) (All versions >= V1.16.4 < V1.17.3), Mendix SAML (Mendix...

CWE-3032023

CVE-2023-29357

CRITICAL
CVSS:9.8(Critical)

Microsoft SharePoint Server Elevation of Privilege Vulnerability

CWE-3032023