CVE-2019-14902

Sažetak

There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers.

Reference

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14902
https://www.samba.org/samba/security/CVE-2019-14902.html
https://security.netapp.com/advisory/ntap-20200122-0001/
https://www.synology.com/security/advisory/Synology_SA_20_01
https://usn.ubuntu.com/4244-1/
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00055.html
https://security.gentoo.org/glsa/202003-52
https://lists.debian.org/debian-lts-announce/2021/05/msg00023.html
https://lists.debian.org/debian-lts-announce/2023/09/msg00013.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GQ6U65I2K23YJC4FESW477WL55TU3PPT/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ACZVNMIFQGGXNJPMHAVBN3H2U65FXQY/

CVSS

Base:	5.5
Impact:	4.9
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	NONE

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:P/A:N

Zadnje važnije ažuriranje

07-11-2023 - 03:05

Objavljeno

21-01-2020 - 18:15