What is CVE-2019-14844?

CVE-2019-14844 is a high-severity vulnerability in Mit Krb5, classified under CWE-628. CVSS score: 7.5/10. Published 2019-09-26.

How severe is CVE-2019-14844?

High severity. CVSS v3 base score is 7.5 out of 10.

Vulnerability in Mit Krb5

CVE-2019-14844

A flaw was found in, Fedora versions of krb5 from 1.16.1 to, including 1.17.x, in the way a Kerberos client could crash the KDC by sending one of the RFC 4556 "enctypes". A remote unauthenticated user could use this flaw to crash the KDC.

EPSS: 0.117 (93.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Mit Krb5 — versions Fedora versions of krb5 from 1.16.1 to, including 1.17.x

Weakness classification (CWE)

CWE-628

References

github.com/krb5/krb5/pull/981 (x_refsource_MISC)
bugzilla.redhat.com/show_bug.cgi (x_refsource_CONFIRM)
FEDORA-2019-2323661e5f (vendor-advisory, x_refsource_FEDORA)
FEDORA-2019-320a5a6a68 (vendor-advisory, x_refsource_FEDORA)
FEDORA-2019-dc4e1d0fb6 (vendor-advisory, x_refsource_FEDORA)
security.netapp.com/advisory/ntap-20220325-0003/ (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2019-14844?: CVE-2019-14844 is a high-severity vulnerability in Mit Krb5, classified under CWE-628. CVSS score: 7.5/10. Published 2019-09-26.
How severe is CVE-2019-14844?: High severity. CVSS v3 base score is 7.5 out of 10.