CVE-2020-25717

Published Feb 18, 2022
Last updated a year ago
CVSS high 8.1
Overview

Description: A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.
Source: secalert@redhat.com
NVD status: Modified
Risk scores

CVSS 3.1

Type: Primary
Base score: 8.1
Impact score: 5.2
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Severity: HIGH
CVSS 2.0

Type: Primary
Base score: 8.5
Impact score: 9.2
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:C/I:C/A:N
Weaknesses

nvd@nist.gov: CWE-20
secalert@redhat.com: CWE-20
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BA32EB89-D016-4181-94A6-66872DF23385",
            "versionEndExcluding": "4.13.14",
            "versionStartIncluding": "3.0.0"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2BD5F53-14DC-4BBF-8E5D-A1DBD24B5F02",
            "versionEndExcluding": "4.14.10",
            "versionStartIncluding": "4.14.0"
          },
          {
            "criteria": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8F33C9B3-33EE-431B-93CF-B738D05BBD0A",
            "versionEndExcluding": "4.15.2",
            "versionStartIncluding": "4.15.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"
          },
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194"
          },
          {
            "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835"
          },
          {
            "criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:redhat:codeready_linux_builder:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1CD81C46-328B-412D-AF4E-68A2AD2F1A73"
          },
          {
            "criteria": "cpe:2.3:a:redhat:gluster_storage:3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F1986832-44C9-491E-A75D-AAD8FAE683E6"
          },
          {
            "criteria": "cpe:2.3:a:redhat:gluster_storage:3.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "135265D8-583D-41EB-B741-419FC871CE91"
          },
          {
            "criteria": "cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "704CFA1A-953E-4105-BFBE-406034B83DED"
          },
          {
            "criteria": "cpe:2.3:a:redhat:openstack:16.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C9D3F4FF-AD3D-4D17-93E8-84CAFCED2F59"
          },
          {
            "criteria": "cpe:2.3:a:redhat:openstack:16.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "307846C3-F2B3-4E0D-AA31-BCC1444589F8"
          },
          {
            "criteria": "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6"
          },
          {
            "criteria": "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BB28F9AF-3D06-4532-B397-96D7E4792503"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "831F0F47-3565-4763-B16F-C87B1FF2035E"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0E3F09B5-569F-4C58-9FCA-3C0953D107B5"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "566507B6-AC95-47F7-A3FB-C6F414E45F51"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "87C21FE1-EA5C-498F-9C6C-D05F91A88217"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0AB105EC-19F9-424A-86F1-305A6FD74A9C"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8C9BD9AE-46FC-4609-8D99-A3CFE91D58D1"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1CDCFF34-6F1D-45A1-BE37-6A0E17B04801"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4A684C7-88FD-43C4-9BDB-AE337FCBD0AB"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "47811209-5CE5-4375-8391-B0A7F6A0E420"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5C80DB2-4A78-4EC9-B2A8-1E4D902C4834"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "983533DD-3970-4A37-9A9C-582BD48AA1E5"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "37CE1DC7-72C5-483C-8921-0B462C8284D1"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_resilient_storage:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F66BE726-A258-42D7-B23A-925F50FDF449"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6897676D-53F9-45B3-B27F-7FF9A4C58D33"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E28F226A-CBC7-4A32-BE58-398FA5B42481"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC10D919-57FD-4725-B8D2-39ECB476902F"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3921C1CF-A16D-4727-99AD-03EFFA7C91CA"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BC6DD887-9744-43EA-8B3C-44C6B6339590"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_tus:8.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C24797C-0397-4D4F-ADC3-3B99095DBB35"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:21.04:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8EF1C1CC-3FAE-4DE3-BC41-E5B14D5721F4"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AAE4D2D0-CEEB-416F-8BC5-A7987DF56190"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References
