Lucene search

K
cvelistRedhatCVELIST:CVE-2019-14902
HistoryJan 21, 2020 - 12:00 a.m.

CVE-2019-14902

2020-01-2100:00:00
CWE-284
redhat
www.cve.org
1

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.1%

There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers.

CNA Affected

[
  {
    "vendor": "[UNKNOWN]",
    "product": "samba",
    "versions": [
      {
        "version": "all samba 4.11.x versions before 4.11.5",
        "status": "affected"
      },
      {
        "version": "all samba 4.10.x versions before 4.10.12",
        "status": "affected"
      },
      {
        "version": "all samba 4.9.x versions before 4.9.18",
        "status": "affected"
      }
    ]
  }
]

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.1%