[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249461

 
 

909

 
 

195508

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2019-14902Date: (C)2020-01-22   (M)2023-12-22


There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 5.4CVSS Score : 5.5
Exploit Score: 2.8Exploit Score: 8.0
Impact Score: 2.5Impact Score: 4.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: NETWORKAccess Vector: NETWORK
Attack Complexity: LOWAccess Complexity: LOW
Privileges Required: LOWAuthentication: SINGLE
User Interaction: NONEConfidentiality: PARTIAL
Scope: UNCHANGEDIntegrity: PARTIAL
Confidentiality: LOWAvailability: NONE
Integrity: LOW 
Availability: NONE 
  
Reference:
FEDORA-2020-6bd386c7eb
FEDORA-2020-f92cd0e72b
GLSA-202003-52
USN-4244-1
https://lists.debian.org/debian-lts-announce/2021/05/msg00023.html
https://lists.debian.org/debian-lts-announce/2023/09/msg00013.html
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14902
https://security.netapp.com/advisory/ntap-20200122-0001/
https://www.samba.org/samba/security/CVE-2019-14902.html
https://www.synology.com/security/advisory/Synology_SA_20_01
openSUSE-SU-2020:0122

CPE    4
cpe:/o:debian:debian_linux:9.0
cpe:/a:samba:samba
cpe:/o:canonical:ubuntu_linux:18.04::~~lts~~~
cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~
...
OVAL    14
oval:org.secpod.oval:def:89002988
oval:org.secpod.oval:def:60869
oval:org.secpod.oval:def:60857
oval:org.secpod.oval:def:61775
...

© SecPod Technologies