10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
Samba is used by IBM Netezza Host Management. This bulletin provides mitigation for the reported CVE.
CVEID:CVE-2020-1472
**DESCRIPTION:**Microsoft Windows could allow a remote attacker to gain elevated privileges on the system, caused by an error when establishing a vulnerable Netlogon secure channel connection to a domain controller. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVSS Base score: 8.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/185897 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Affected Product(s) | Version(s) |
---|---|
IBM Netezza Host Management | All IBM Netezza Host Management starting 5.4.5.0 |
None
Mitigation of the reported CVE : CVE-2020-1472 on PureData System for Analytics N200x and N3001 is as follows:
Execute below steps using “root” user on both ha1/ha2 hosts
Step 1. Check if Samba module is installed in the host
[host]# rpm -qa | grep samba
Step 2. Check if Samba service is running
[host]# /etc/init.d/smb status
Step 3. If Samba service is running, stop the smb service
[host]# /etc/init.d/smb stop
Step 4. Backup the /etc/samba/smb.conf file
[host]# cp /etc/samba/smb.conf /etc/samba/smb.conf_backup
Step 5. Edit the /etc/samba/smb.conf and set following parameters in global settings as below:
#============ Global Settings ==========
[global]
server schannel = yes
Step 6. Start the smb services using below command:
[host]# /etc/init.d/smb start
Note : If samba configuration file smb.conf is modified in the future, please verify if above settings are changed. If changed, make sure to mitigate this issue by following steps 2 to 6.
CPE | Name | Operator | Version |
---|---|---|---|
ibm puredata system | eq | any |
10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C