CVE-2021-36222

ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*

Information

Published : 2021-07-22 11:15

Updated : 2021-11-28 15:19


NVD link : CVE-2021-36222

Mitre link : CVE-2021-36222


JSON object : View

CWE
CWE-476

NULL Pointer Dereference

Advertisement

dedicated server usa

Products Affected

netapp

  • oncommand_workflow_automation
  • oncommand_insight
  • active_iq_unified_manager
  • snapcenter

oracle

  • mysql_server

debian

  • debian_linux

mit

  • kerberos_5