7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
0.013 Low
EPSS
Percentile
85.7%
Samba, operating as an AD DC, is sometimes operated in a domain with a
mix of Samba and Windows Active Directory Domain Controllers.
All versions of Samba from 4.0.0 to 4.3.2 inclusive, when deployed as
an AD DC in the same domain with Windows DCs, could be used to
override the protection against the MS15-096 / CVE-2015-2535 security
issue in Windows.
Prior to MS16-096 it was possible to bypass the quota of machine
accounts a non-administrative user could create. Pure Samba domains
are not impacted, as Samba does not implement the
SeMachineAccountPrivilege functionality to allow non-administrator
users to create new computer objects.
Patches addressing this defect have been posted to
https://www.samba.org/samba/history/security.html
Additionally, Samba 4.3.3, 4.2.7 and 4.1.22 have been issued as
security releases to correct the defect.
Samba vendors and administrators running affected versions as
an AD DC in combination with Windows AD DCs are advised to
pgrade or apply the patch as soon as possible.
Only users with SeMachineAccountPrivilege can exploit this issue in
Windows, removing this privilege from “Authenticated Users” can provide
a mitigation.
This problem was found by Andrew Bartlett <[email protected]> of the
Samba Team and Catalyst (www.catalyst.net.nz), who also provided the
fix.
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
0.013 Low
EPSS
Percentile
85.7%