Insufficient Resource Pool

CVE-2025-27479

High

7.5/10

Summary

Insufficient resource pool in Windows Kerberos allows an unauthorized attacker to deny service over a network.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: HIGH

CWE-410 - Insufficient Resource Pool

The software's resource pool is not large enough to handle peak demand, which allows an attacker to prevent others from accessing the resource by using a (relatively) large number of requests for resources.

References

Advisory Timeline

Published Apr 08, 2025

Insufficient Resource Pool

CVE-2025-27479

Summary

CWE-410 - Insufficient Resource Pool

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS