CVE-2020-25718Missing Authorization in Samba

CWE-862Missing AuthorizationCWE-732Incorrect Permission Assignment12 documents7 sources
Severity
8.8HIGHNVD
OSV5.9
EPSS
0.2%
top 58.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
SambaDebian SambaFedoraproject Fedora+4 more
Timeline
PublishedFeb 18
Latest updateFeb 19

Description

A flaw was found in the way samba, as an Active Directory Domain Controller, is able to support an RODC (read-only domain controller). This would allow an RODC to print administrator tickets.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages9 packages

NVDsamba/samba4.0.04.13.14+2
debiandebian/samba< samba 2:4.13.14+dfsg-1 (bookworm)
Debiansamba/samba< 2:4.13.13+dfsg-1~deb11u2+3
Ubuntusamba/samba< 2:4.13.14+dfsg-0ubuntu0.20.04.4+2
CVEListV5samba/sambasamba 4.15.2, samba 4.14.10, samba 4.13.14

Also affects: Fedora 35

🔴Vulnerability Details

5
GHSA
GHSA-xrvp-6c6f-cv37: A flaw was found in the way samba, as an Active Directory Domain Controller, is able to support an RODC (read-only domain controller)2022-02-19
OSV
CVE-2020-25718: A flaw was found in the way samba, as an Active Directory Domain Controller, is able to support an RODC (read-only domain controller)2022-02-18
OSV
samba regression2021-12-13
OSV
samba regressions2021-12-06
OSV
samba vulnerabilities2021-11-11

📋Vendor Advisories

6
Microsoft
A flaw was found in the way samba as an Active Directory Domain Controller is able to support an RODC (read-only domain controller). This would allow an RODC to print administrator tickets.2022-02-08
Ubuntu
Samba regression2021-12-13
Ubuntu
Samba regressions2021-12-06
Ubuntu
Samba vulnerabilities2021-11-11
Red Hat
samba: Samba AD DC did not correctly sandbox Kerberos tickets issues by an RODC2021-11-09