CVE-2020-25722
Published: 9 November 2021
Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. An attacker could use this flaw to cause total domain compromise.
Priority
Status
Package | Release | Status |
---|---|---|
samba
Launchpad, Ubuntu, Debian |
bionic |
Released
(2:4.7.6+dfsg~ubuntu-0ubuntu2.26)
|
focal |
Released
(2:4.13.14+dfsg-0ubuntu0.20.04.1)
|
|
hirsute |
Released
(2:4.13.14+dfsg-0ubuntu0.21.04.1)
|
|
impish |
Released
(2:4.13.14+dfsg-0ubuntu0.21.10.1)
|
|
jammy |
Released
(2:4.13.14+dfsg-0ubuntu1)
|
|
kinetic |
Released
(2:4.13.14+dfsg-0ubuntu1)
|
|
lunar |
Released
(2:4.13.14+dfsg-0ubuntu1)
|
|
mantic |
Released
(2:4.13.14+dfsg-0ubuntu1)
|
|
noble |
Released
(2:4.13.14+dfsg-0ubuntu1)
|
|
trusty |
Needed
|
|
upstream |
Released
(4.13.14)
|
|
xenial |
Needed
|
Severity score breakdown
Parameter | Value |
---|---|
Base score | 8.8 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | Low |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |