2.5 Low
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
1.2 Low
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:H/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
38.7%
All versions of Samba prior to 4.13.16 are vulnerable to a malicious client
using an SMB1 or NFS race to allow a directory to be created in an area of
the server file system not exported under the share definition. Note that
SMB1 has to be enabled, or the share also available via NFS in order for
this attack to succeed.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 22.04 | noarch | samba | < 4.13.17~dfsg-0ubuntu1 | UNKNOWN |
ubuntu | 22.10 | noarch | samba | < 4.13.17~dfsg-0ubuntu1 | UNKNOWN |
ubuntu | 14.04 | noarch | samba | < any | UNKNOWN |
ubuntu | 16.04 | noarch | samba | < any | UNKNOWN |
ubuntu | 18.04 | noarch | samba | < any | UNKNOWN |
ubuntu | 20.04 | noarch | samba | < 2:4.13.17~dfsg-0ubuntu0.21.04.1 | UNKNOWN |
ubuntu | 21.10 | noarch | samba | < 2:4.13.17~dfsg-0ubuntu0.21.10.1 | UNKNOWN |
ubuntu | 23.04 | noarch | samba | < 4.13.17~dfsg-0ubuntu1 | UNKNOWN |
ubuntu | 23.10 | noarch | samba | < 4.13.17~dfsg-0ubuntu1 | UNKNOWN |
2.5 Low
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
1.2 Low
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:H/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
38.7%