ГлавнаяУязвимости → CVE-2024-26461
7.5высокая

CVE-2024-26461

→ есть в БДУ: BDU:2024-02520 (на русском)
Описание (на английском; русское — в БДУ выше)

Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.

Затрагиваемое ПО
Mit Kerberos 5Netapp Active iq unified managerNetapp Cloud volumes ontap mediatorNetapp Management services for element software and netapp hciNetapp Ontap 9Netapp Ontap select deploy administration utilityNetapp H610c firmwareNetapp H610cNetapp H610s firmwareNetapp H610sNetapp H615c firmwareNetapp H615c
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Источники
https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_2.mdhttps://security.netapp.com/advisory/ntap-20240415-0011/https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_2.mdhttps://security.netapp.com/advisory/ntap-20240415-0011/