5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
5.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P
0.002 Low
EPSS
Percentile
60.7%
Samba is supported on IBM i. IBM i has addressed the applicable CVE.
This security bulletin has been updated, on June 21, 2019, as an additional IBM i PTF is available for IBM i 7.4.
CVEID: CVE-2019-3880 DESCRIPTION: Samba could allow a remote authenticated attacker to traverse directories on the system. An attacker could send a specially-crafted “winreg_SaveKey” request to create a new registry hive file outside a Samba share.
CVSS Base Score: 6.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/159188> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)
Releases 7.2, 7.3, and 7.4 of IBM i are affected.
The issue can be fixed by applying a PTF to IBM i.
Releases 7.2, 7.3, and 7.4 of IBM i are supported and will be fixed.
The IBM i PTF numbers are:
Release 7.2 – SI69591
Release 7.3 – SI69592
Release 7.4 – SI69593
<https://www-945.ibm.com/support/fixcentral/>
_Important note: _IBM recommends that all users running unsupported versions of affected products upgrade to supported and fixed version of affected products.
None
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
5.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P
0.002 Low
EPSS
Percentile
60.7%