cbcvebase.
CVE-2018-1057
published 2018-03-13

CVE-2018-1057: On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing…

PriorityP355high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
10.31%
95.1th percentile
On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' passwords, including administrative users and privileged service accounts (eg Domain Controllers).

Affected

18 ranges
VendorProductVersion rangeFixed in
canonicalubuntu_linux
canonicalubuntu_linux
canonicalubuntu_linux
debiandebian_linux
debiansamba< samba 2:4.7.4+dfsg-2 (bookworm)samba 2:4.7.4+dfsg-2 (bookworm)
msrccbl2_samba_4.12.5-6_on_cbl_mariner_2.0
msrccbl_mariner_2.0_arm
msrccbl_mariner_2.0_x64
sambasamba
sambasamba>= 0 < 2:4.7.4+dfsg-22:4.7.4+dfsg-2
sambasamba>= 0 < 2:4.7.4+dfsg-22:4.7.4+dfsg-2
sambasamba>= 0 < 2:4.7.4+dfsg-22:4.7.4+dfsg-2
sambasamba>= 0 < 2:4.7.4+dfsg-22:4.7.4+dfsg-2
sambasamba>= 0 < 2:4.3.11+dfsg-0ubuntu0.14.04.142:4.3.11+dfsg-0ubuntu0.14.04.14
sambasamba>= 0 < 2:4.3.11+dfsg-0ubuntu0.16.04.132:4.3.11+dfsg-0ubuntu0.16.04.13
sambasamba>= 4.0.0 < 4.5.164.5.16
sambasamba>= 4.6.0 < 4.6.144.6.14
sambasamba>= 4.7.0 < 4.7.64.7.6

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
osv8.8HIGH
vendor_debian8.8HIGH
vendor_msrc8.8HIGH
vendor_redhat8.8HIGH
vendor_ubuntu4.3MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.