Lucene search

K

PRIOn knowledge basePRION:CVE-2019-14902

HistoryJan 21, 2020 - 6:15 p.m.

Code injection

2020-01-2118:15:00

PRIOn knowledge base

www.prio-n.com

6

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

5.5 Medium

AI Score

Confidence

High

5.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:P/A:N

0.002 Low

EPSS

Percentile

59.8%

There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers.

CPENameOperatorVersion
ubuntu_linuxeq16.04
ubuntu_linuxeq18.04
ubuntu_linuxeq19.04
ubuntu_linuxeq19.10
debian_linuxeq9.0
leapeq15.1
sambage4.10.0
sambalt4.10.12
sambage4.11.0
sambalt4.11.5

Rows per page:

1-10 of 121

References

lists.opensuse.org/opensuse-security-announce/2020-01/msg00055.html

bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14902

lists.debian.org/debian-lts-announce/2021/05/msg00023.html

lists.debian.org/debian-lts-announce/2023/09/msg00013.html

lists.fedoraproject.org/archives/list/[email protected]/message/4ACZVNMIFQGGXNJPMHAVBN3H2U65FXQY/

lists.fedoraproject.org/archives/list/[email protected]/message/GQ6U65I2K23YJC4FESW477WL55TU3PPT/

security.gentoo.org/glsa/202003-52

security.netapp.com/advisory/ntap-20200122-0001/

usn.ubuntu.com/4244-1/

www.samba.org/samba/security/CVE-2019-14902.html

www.synology.com/security/advisory/Synology_SA_20_01

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

5.5 Medium

AI Score

Confidence

High

5.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:P/A:N

0.002 Low

EPSS

Percentile

59.8%

Related for PRION:CVE-2019-14902

veracode1 cve1 samba1 osv3 ubuntucve1 debiancve1 nessus19 redhatcve1 openvas19 alpinelinux1 altlinux3 freebsd1 cisa1 suse1 ubuntu1 mageia1 fedora2 debian2 gentoo1