CVE-2025-3576

MEDIUM(5.9)

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Risk Signal Score15/100 — NIEDRIG

CVSS 5.9 — Mittel

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

5.9

Technische Schwere

Beschreibung

A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering.

Referenzen

https://access.redhat.com/errata/RHSA-2025:11487
https://access.redhat.com/errata/RHSA-2025:13664
https://access.redhat.com/errata/RHSA-2025:13777
https://access.redhat.com/errata/RHSA-2025:15000
https://access.redhat.com/errata/RHSA-2025:15001
https://access.redhat.com/errata/RHSA-2025:15002
https://access.redhat.com/errata/RHSA-2025:15003
https://access.redhat.com/errata/RHSA-2025:15004
https://access.redhat.com/errata/RHSA-2025:8411
https://access.redhat.com/errata/RHSA-2025:9418