Overview
- Description
- A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP add or modify the request, usually resulting in a segmentation fault.
- Source
- secalert@redhat.com
- NVD status
- Modified
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 8.1
- Impact score
- 5.2
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
- Severity
- HIGH
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7A97D622-0235-4890-A2AF-10C3E6010D32",
"versionEndExcluding": "4.14.14",
"versionStartIncluding": "4.13.14"
},
{
"criteria": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6E947A97-F159-4257-8197-13E8588C78A4",
"versionEndExcluding": "4.15.9",
"versionStartIncluding": "4.15.2"
},
{
"criteria": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8479455F-FFCD-46F1-B0E3-EBC082F89C16",
"versionEndExcluding": "4.16.4",
"versionStartIncluding": "4.16.0"
}
],
"operator": "OR"
}
]
}
]