CVE-2018-16860: Improperly Implemented Security Check for Standard in Samba

Severity: 7.5 HIGH (NVD)
EPSS: 2.0% (top 16.19%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jul 31; latest update Oct 13

Description

A flaw was found in Samba's Heimdal KDC implementation, versions 4.8.x before 4.8.12, 4.9.x before 4.9.8 and 4.10.x before 4.10.3, when used in AD DC mode. A man-in-the-middle attacker could use this flaw to intercept the request to the KDC and replace the user name (principal) in the request with any desired user name (principal) that exists in the KDC, effectively obtaining a ticket for that principal.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.6 | Impact: 5.9

Affected Packages (6 packages)

Source  | Package                 | Affected versions
NVD     | samba/samba             | 4.8.0 to 4.8.12 (+2)
Debian  | samba/samba             | < 2:4.9.5+dfsg-4 (+3)
Debian  | heimdal_project/heimdal | < 7.5.0+dfsg-3 (+3)
Ubuntu  | heimdal_project/heimdal | < 7.5.0+dfsg-1ubuntu0.1 (+3)
NVD     | heimdal_project/heimdal | 0.8 to 7.5.0

Vulnerability Details (4)

OSV: heimdal vulnerabilities (2022-10-13)
GHSA: GHSA-282x-mj8h-7q8w: A flaw was found in samba's Heimdal KDC implementation, versions 4 (2022-05-24)
OSV: CVE-2018-16860: A flaw was found in samba's Heimdal KDC implementation, versions 4 (2019-07-31)
CVEList: CVE-2018-16860: A flaw was found in samba's Heimdal KDC implementation, versions 4 (2019-07-31)

Vendor Advisories (9)

Ubuntu: Heimdal vulnerabilities (2022-10-13)
Apple: CVE-2018-16860: watchOS 5.3 (2019-07-22)
Apple: CVE-2018-16860: tvOS 12.4 (2019-07-22)
Apple: CVE-2018-16860: iOS 12.4 (2019-07-22)
Apple: CVE-2018-16860: macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra (2019-07-22)

Community (4)

Bugzilla: CVE-2018-16860 heimdal: samba: S4U2Self with unkeyed checksum [epel-all] (2019-05-14)
Bugzilla: CVE-2018-16860 heimdal: samba: S4U2Self with unkeyed checksum [fedora-all] (2019-05-14)
Bugzilla: CVE-2018-16860 samba: S4U2Self with unkeyed checksum [fedora-all] (2019-05-14)
Bugzilla: CVE-2018-16860 samba: S4U2Self with unkeyed checksum (2019-05-03)
CVE-2018-16860 — Samba vulnerability | cvebase