
CVE-2024-37370: In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count...

CVSS Score (v3.1): 7.5

Basic Information

EPSS Score: 0.26574%
Published: 6/29/2024
Updated: 3/13/2025
KEV Status: No
Technology: -

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Vulnerability Intelligence

Root Cause Analysis

The analysis is based on the provided commit 55fbf435edbe2e92dd8101669b1ce7144bc96fef, which explicitly aims to fix CVE-2024-37370 and CVE-2024-37371. The commit message details the flaws: missing Extra Count verification (CVE-2024-37370) and insufficient length checks leading to memory safety issues (CVE-2024-37371). The modified C functions (gss_krb5int_unseal_token_v3, gss_krb5int_unseal_v3_iov, and kg_unseal_iov_token) are directly involved in processing GSS wrap tokens.

  1. gss_krb5int_unseal_token_v3 had missing checks for both plaintext length (potentially leading to reads before the buffer start) and Extra Count field consistency.
  2. gss_krb5int_unseal_v3_iov had a missing check for Extra Count field consistency.
  3. kg_unseal_iov_token had improper handling of ASN.1 wrapper lengths relative to the header buffer size, potentially leading to reads beyond the buffer.

The patches add these missing checks and refine the parsing logic, confirming that these functions were the sites of the vulnerabilities.
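The Extra Count (EC) problem described above is easy to see in a small model of the unwrap step. The example below is added here for illustration; it is not krb5 code and does not reproduce the project's functions. It assumes the RFC 4121 wrap-token header layout (TOK_ID 0x05 0x04, Flags, Filler 0xFF, EC, RRC, SND_SEQ, 16 bytes in total) and models a confidential token's decrypted body as payload || EC filler bytes || copy of the header, with RRC fixed at 0 since rotation is not modeled. Encryption and integrity protection of the body are assumed to have already been handled; all function names, the sample payload and the tampered EC values are constructed for this example. `unwrap_unchecked` trusts the cleartext header's EC and silently truncates the payload when that field is altered; `unwrap_checked` adds the two checks the analysis names (plaintext length against EC plus header size, and EC consistency between the cleartext header and its protected copy) and rejects the token instead.

```python
import struct

# RFC 4121 wrap token header constants (assumed layout, see lead-in)
TOK_ID_WRAP = b"\x05\x04"
FLAG_SEALED = 0x02
HEADER_LEN = 16


class TokenError(ValueError):
    """Raised when a wrap token fails validation."""


def parse_wrap_header(header):
    """Parse a 16-byte RFC 4121 wrap token header into its fields."""
    if len(header) != HEADER_LEN or header[:2] != TOK_ID_WRAP or header[3] != 0xFF:
        raise TokenError("not an RFC 4121 wrap token header")
    flags = header[2]
    ec, rrc = struct.unpack(">HH", header[4:8])
    (seq,) = struct.unpack(">Q", header[8:16])
    return {"flags": flags, "ec": ec, "rrc": rrc, "seq": seq}


def build_confidential_wrap(payload, ec, seq):
    """Model a sealed wrap token: returns (cleartext header, decrypted body).

    The body is payload || ec filler bytes || header copy, which is what the
    receiver sees after decrypting a confidential token (cipher not modeled).
    """
    header = TOK_ID_WRAP + bytes([FLAG_SEALED, 0xFF]) + struct.pack(">HHQ", ec, 0, seq)
    body = payload + b"\x00" * ec + header
    return header, body


def tamper_ec(header, new_ec):
    """Attacker-side model: rewrite the unprotected EC field of the header."""
    return header[:4] + struct.pack(">H", new_ec) + header[6:]


def unwrap_unchecked(header, body):
    """Vulnerable model: strip EC + header copy using the cleartext EC only."""
    h = parse_wrap_header(header)
    return body[: len(body) - HEADER_LEN - h["ec"]]


def unwrap_checked(header, body):
    """Hardened model: length check plus EC consistency with the header copy."""
    h = parse_wrap_header(header)
    # The body must at least hold the filler bytes and the trailing header copy.
    if len(body) < HEADER_LEN + h["ec"]:
        raise TokenError("plaintext shorter than Extra Count plus header copy")
    # The protected copy of the header carries the EC the sender actually used.
    inner = parse_wrap_header(body[-HEADER_LEN:])
    if inner["ec"] != h["ec"]:
        raise TokenError("Extra Count mismatch between token header and protected copy")
    return body[: len(body) - HEADER_LEN - h["ec"]]


def rejects(header, body):
    """True if the hardened unwrap refuses the token."""
    try:
        unwrap_checked(header, body)
    except TokenError:
        return True
    return False


if __name__ == "__main__":
    payload = b"transfer 100 to alice"          # constructed sample payload
    header, body = build_confidential_wrap(payload, ec=3, seq=7)
    forged = tamper_ec(header, 12)              # attacker raises EC from 3 to 12
    print("genuine:  ", unwrap_checked(header, body))
    print("unchecked:", unwrap_unchecked(forged, body))   # silently truncated
    print("checked rejects forged token:", rejects(forged, body))
```

With the genuine header both unwrap variants return the full payload; with the EC field raised to 12 the unchecked variant returns `b"transfer 100"` and the application never learns that bytes were dropped, while the checked variant raises. An EC larger than the body (for example 100) trips the length check first, which is the condition that in the real code could otherwise turn into an out-of-bounds read.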


WAF Protection Rules

WAF Rule

In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.

CVE-2024-37370: Kerberos GSS Token Truncation | Miggo