cbcvebase.
CVE-2017-12150
published 2017-11-08

CVE-2017-12150: It was discovered that the fix for CVE-2017-12150 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6.

PriorityP348high7.4CVSS 3.1
AVNACHPRNUINSUCHIHAN
EPSS
13.23%
95.9th percentile
It was discovered that the fix for CVE-2017-12150 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6.

Affected

25 ranges
VendorProductVersion rangeFixed in
debiandebian_linux
debiandebian_linux
debiansamba< samba 2:4.6.7+dfsg-2 (bookworm)samba 2:4.6.7+dfsg-2 (bookworm)
debiansamba
msrcazl3_samba_4.18.3-1_on_azure_linux_3.0
msrcazure_linux_3.0_arm
msrcazure_linux_3.0_x64
red_hat_incgluster_storage_for_rhel_6
redhatenterprise_linux_desktop
redhatenterprise_linux_desktop
redhatenterprise_linux_server
redhatenterprise_linux_server
redhatenterprise_linux_workstation
redhatenterprise_linux_workstation
redhatgluster_storage
redhatgluster_storage
sambasamba>= 0 < 2:4.6.7+dfsg-22:4.6.7+dfsg-2
sambasamba>= 0 < 2:4.6.7+dfsg-22:4.6.7+dfsg-2
sambasamba>= 0 < 2:4.6.7+dfsg-22:4.6.7+dfsg-2
sambasamba>= 0 < 2:4.6.7+dfsg-22:4.6.7+dfsg-2
sambasamba>= 0 < 2:4.3.11+dfsg-0ubuntu0.14.04.122:4.3.11+dfsg-0ubuntu0.14.04.12
sambasamba>= 0 < 2:4.3.11+dfsg-0ubuntu0.16.04.112:4.3.11+dfsg-0ubuntu0.16.04.11
sambasamba>= 3.0.25 < 4.4.164.4.16
sambasamba>= 4.5.0 < 4.5.144.5.14
sambasamba>= 4.6.0 < 4.6.84.6.8

CVSS provenance

nvdv3.17.4HIGHCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
nvdv3.07.4HIGHCVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
nvdv2.05.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:N
osv7.4HIGH
vendor_debian7.4HIGH
vendor_msrc7.4HIGH
vendor_redhat7.4HIGH
vendor_ubuntu7.4HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.