4.3

CVE-2020-14318

A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SambaSamba Version >= 3.6.0 < 4.11.15
SambaSamba Version >= 4.12.0 < 4.12.9
SambaSamba Version >= 4.13.0 < 4.13.1
RedhatStorage Version3.0
RedhatEnterprise Linux Version7.0
RedhatEnterprise Linux Version8.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.52% 0.713
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 2.8 1.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
nvd@nist.gov 4 8 2.9
AV:N/AC:L/Au:S/C:P/I:N/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.3 2.8 1.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CWE-266 Incorrect Privilege Assignment

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

https://security.gentoo.org/glsa/202012-24
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html
https://bugzilla.redhat.com/show_bug.cgi?id=1892631
Patch
Third Party Advisory
Issue Tracking
https://www.samba.org/samba/security/CVE-2020-14318.html
Vendor Advisory