Kerberos 5 Assertion Failure Vulnerability

Kerberos 5 Assertion Failure Vulnerability

CVE-2017-11368 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:N/A:P

In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests.

Learn more about our Cis Benchmark Audit For Mit Kerberos.