Lucene search

K
ubuntucveUbuntu.comUB:CVE-2022-32743
HistorySep 01, 2022 - 12:00 a.m.

CVE-2022-32743

2022-09-0100:00:00
ubuntu.com
ubuntu.com
31

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

0.002 Low

EPSS

Percentile

51.9%

Samba does not validate the Validated-DNS-Host-Name right for the
dNSHostName attribute which could permit unprivileged users to write it.

Bugs

Notes

Author Note
mdeslaur per comments #11 and #12 in the upstream bug, this is a low-severity issue. Setting priority to low. Upstream Samba project did not publish updates for stable releases below 4.17.x

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

0.002 Low

EPSS

Percentile

51.9%