Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2021-20316
HistoryAug 23, 2022 - 12:00 a.m.

CVE-2021-20316

2022-08-2300:00:00
ubuntu.com
ubuntu.com
25
samba
share metadata
flaw
authenticated attacker
directory
file
bugzilla
vfs layer

6.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

0.002 Low

EPSS

Percentile

55.2%

JSON

A flaw was found in the way Samba handled file/directory metadata. This
flaw allows an authenticated attacker with permissions to read or modify
share metadata, to perform this operation outside of the share.

Bugs

Notes

Author Note
mdeslaur per upstream, fixing this required a whole rewrite of the VFS layer and there is no reasonable way to fix this in older versions. Marking this CVE as ignored for older releases.
OSVersionArchitecturePackageVersionFilename
ubuntu14.04noarchsamba< anyUNKNOWN
ubuntu16.04noarchsamba< anyUNKNOWN

Related

redhatcve 1
nvd 1
debiancve 1
prion 1
osv 3
cvelist 1
cve 1
openvas 6
cbl_mariner 1
veracode 1
alpinelinux 1
rocky 1
nessus 14
oraclelinux 1
almalinux 1
redhat 2
fedora 1
mageia 1
suse 1
gentoo 1
redhatcve
redhatcve
CVE-2021-20316
2022-01-10 18:55:25
nvd
nvd
CVE-2021-20316
2022-08-23 16:15:09
debiancve
debiancve
CVE-2021-20316
2022-08-23 16:15:09
prion
prion
Design/Logic Flaw
2022-08-23 16:15:00
osv
osv
CVE-2021-20316
2022-08-23 16:15:09
Moderate: samba security, bug fix, and enhancement update
2022-05-10 08:15:39
Moderate: samba security, bug fix, and enhancement update
2022-05-10 00:00:00
cvelist
cvelist
CVE-2021-20316
2022-08-23 00:00:00
cve
cve
CVE-2021-20316
2022-08-23 16:15:09
openvas
openvas
Samba Symlink Race Vulnerability (CVE-2021-20316)
2022-01-12 00:00:00
Mageia: Security Advisory (MGASA-2022-0054)
2022-02-11 00:00:00
Fedora: Security Advisory for samba (FEDORA-2022-50da406d40)
2022-02-02 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-20316 affecting package samba 4.12.5-6
2024-07-05 09:08:40
veracode
veracode
Privilege Escalation
2022-04-13 17:46:06
alpinelinux
alpinelinux
CVE-2021-20316
2022-08-23 16:15:00
rocky
rocky
samba security, bug fix, and enhancement update
2022-05-10 08:15:39
nessus
nessus
AlmaLinux 8 : samba (ALSA-2022:2074)
2022-05-12 00:00:00
RHEL 8 : samba (RHSA-2022:1756)
2022-05-10 00:00:00
CentOS 8 : samba (CESA-2022:2074)
2022-05-10 00:00:00
oraclelinux
oraclelinux
samba security, bug fix, and enhancement update
2022-05-17 00:00:00
almalinux
almalinux
Moderate: samba security, bug fix, and enhancement update
2022-05-10 00:00:00
redhat
redhat
(RHSA-2022:1756) Moderate: samba security, bug fix and enhancement update
2022-05-10 04:11:43
(RHSA-2022:2074) Moderate: samba security, bug fix, and enhancement update
2022-05-10 08:15:39
fedora
fedora
[SECURITY] Fedora 35 Update: samba-4.15.5-0.fc35
2022-02-02 01:26:36
mageia
mageia
Updated samba packages fix security vulnerability
2022-02-09 23:46:00
suse
suse
Security update for samba (important)
2022-02-01 00:00:00
gentoo
gentoo
Samba: Multiple Vulnerabilities
2023-09-17 00:00:00

6.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

0.002 Low

EPSS

Percentile

55.2%

JSON
Related for UB:CVE-2021-20316
redhatcve1nvd1debiancve1prion1osv3cvelist1cve1openvas6cbl_mariner1veracode1alpinelinux1rocky1nessus14oraclelinux1almalinux1redhat2fedora1mageia1suse1gentoo1