{"id":"CVE-2017-7562","details":"An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances.","modified":"2026-04-16T06:16:05.238142242Z","published":"2018-07-26T15:29:00.403Z","related":["SUSE-SU-2018:1425-1"],"references":[{"type":"ADVISORY","url":"https://github.com/krb5/krb5/pull/694/commits/50fe4074f188c2d4da0c421e96553acea8378db2"},{"type":"ADVISORY","url":"https://github.com/krb5/krb5/pull/694/commits/b7af544e50a4d8291524f590e20dd44430bf627d"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/100511"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:0666"},{"type":"ADVISORY","url":"https://github.com/krb5/krb5/pull/694/commits/1de6ca2f2eb1fdbab51f1549a25a6903aefcc196"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7562"},{"type":"FIX","url":"https://github.com/krb5/krb5/pull/694"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/krb5/krb5","events":[{"introduced":"aca1dccda2da25a5f93227fa4db006c379a961b0"},{"fixed":"8e153e3e8feb88780413d642273d60f0c15b2fe6"}],"database_specific":{"versions":[{"introduced":"1.0"},{"fixed":"1.16.1"}]}}],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-7562.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}]}