10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.494 Medium
EPSS
Percentile
97.5%
Samba development team reports:
Samba versions 3.6.3 and all versions previous to this
are affected by a vulnerability that allows remote code
execution as the “root” user from an anonymous connection.
As this does not require an authenticated connection it
is the most serious vulnerability possible in a program,
and users and vendors are encouraged to patch their Samba
installations immediately.