CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
59.9%
Demi Marie Obenour discovered that the Samba LDAP server incorrectly
handled certain confidential attribute values. A remote authenticated
attacker could possibly use this issue to obtain certain sensitive
information. (CVE-2023-0614)
Andrew Bartlett discovered that the Samba AD DC admin tool incorrectly
sent passwords in cleartext. A remote attacker could possibly use this
issue to obtain sensitive information. (CVE-2023-0922)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 22.10 | noarch | samba | < 2:4.16.8+dfsg-0ubuntu1.1 | UNKNOWN |
Ubuntu | 22.10 | noarch | ctdb | < 2:4.16.8+dfsg-0ubuntu1.1 | UNKNOWN |
Ubuntu | 22.10 | noarch | ctdb-dbgsym | < 2:4.16.8+dfsg-0ubuntu1.1 | UNKNOWN |
Ubuntu | 22.10 | noarch | ldb-tools | < 2:2.5.3+samba4.16.8-0ubuntu1.1 | UNKNOWN |
Ubuntu | 22.10 | noarch | ldb-tools-dbgsym | < 2:2.5.3+samba4.16.8-0ubuntu1.1 | UNKNOWN |
Ubuntu | 22.10 | noarch | libldb-dev | < 2:2.5.3+samba4.16.8-0ubuntu1.1 | UNKNOWN |
Ubuntu | 22.10 | noarch | libldb2 | < 2:2.5.3+samba4.16.8-0ubuntu1.1 | UNKNOWN |
Ubuntu | 22.10 | noarch | libldb2-dbgsym | < 2:2.5.3+samba4.16.8-0ubuntu1.1 | UNKNOWN |
Ubuntu | 22.10 | noarch | libnss-winbind | < 2:4.16.8+dfsg-0ubuntu1.1 | UNKNOWN |
Ubuntu | 22.10 | noarch | libnss-winbind-dbgsym | < 2:4.16.8+dfsg-0ubuntu1.1 | UNKNOWN |