{
    "containers": {
        "cna": {
            "providerMetadata": {
                "dateUpdated": "2020-06-03T13:50:09",
                "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
                "shortName": "redhat"
            },
            "rejectedReasons": [
                {
                    "lang": "en",
                    "value": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Red Hat Product Security does not consider this as a security flaw. Password changes aren't expected to invalidate existing sessions. Though this is how Kerberos behaves: incrementing kvno will not invalidate any existing service tickets. This is not a concern because the lifetime on service tickets should be set appropriately (initially only a global, now also more finely configurable with the kdcpolicy plugin). This belief is reinforced by our use of mod_session: existing sessions there aren't terminated, but instead wait for expiration"
                }
            ]
        }
    },
    "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2020-1703",
        "datePublished": "2020-06-03T13:49:08",
        "dateRejected": "2020-06-03T13:49:08",
        "dateReserved": "2019-11-27T00:00:00",
        "dateUpdated": "2020-06-03T13:50:09",
        "state": "REJECTED"
    },
    "dataType": "CVE_RECORD",
    "dataVersion": "5.0"
}