CVE-2021-20208
published 2021-04-19

Priority: P428, medium, 6.1 (CVSS 3.1)
Vector: AV:L / AC:H / PR:L / UI:R / S:C / C:L / I:H / A:N
EPSS: 0.64% (46.2th percentile)

A flaw was found in cifs-utils in versions before 6.13. A user, when mounting a krb5 CIFS file system from within a container, can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity.

Affected

23 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | cifs-utils | < cifs-utils 2:6.11-3 (bookworm) | cifs-utils 2:6.11-3 (bookworm) |
| fedoraproject | fedora | | |
| fedoraproject | fedora | | |
| fedoraproject | fedora | | |
| msrc | cbl2_cifs-utils_6.8-6_on_cbl_mariner_2.0 | | |
| msrc | cbl_mariner_1.0_arm | | |
| msrc | cbl_mariner_1.0_x64 | | |
| msrc | cbl_mariner_2.0_arm | | |
| msrc | cbl_mariner_2.0_x64 | | |
| msrc | cm1_cifs-utils_6.8-5_on_cbl_mariner_1.0 | | |
| redhat | enterprise_linux | | |
| redhat | enterprise_linux | | |
| samba | cifs-utils | | |
| samba | cifs-utils | >= 0 < 2:6.11-3 | 2:6.11-3 |
| samba | cifs-utils | >= 0 < 2:6.11-3 | 2:6.11-3 |
| samba | cifs-utils | >= 0 < 2:6.11-3 | 2:6.11-3 |
| samba | cifs-utils | >= 0 < 2:6.11-3 | 2:6.11-3 |
| samba | cifs-utils | >= 0 < 2:6.8-1ubuntu1.2 | 2:6.8-1ubuntu1.2 |
| samba | cifs-utils | >= 0 < 2:6.9-1ubuntu0.2 | 2:6.9-1ubuntu0.2 |
| samba | cifs-utils | >= 0 < 2:6.14-1ubuntu0.1 | 2:6.14-1ubuntu0.1 |
| samba | cifs-utils | >= 0 < 2:6.0-1ubuntu2+esm1 | 2:6.0-1ubuntu2+esm1 |
| samba | cifs-utils | >= 0 < 2:6.4-1ubuntu1.1+esm1 | 2:6.4-1ubuntu1.1+esm1 |
| samba | cifs-utils | >= 4.0 < 6.13 | 6.13 |

CVSS provenance

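| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 6.1 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N |
| nvd | v2.0 | 4.9 | MEDIUM | AV:N/AC:M/Au:S/C:P/I:P/A:N |
| osv | | 7.0 | HIGH | |
| vendor_debian | | 6.1 | MEDIUM | |
| vendor_msrc | | 6.1 | MEDIUM | |
| vendor_redhat | | 6.1 | MEDIUM | |
| vendor_ubuntu | | 4.4 | MEDIUM | |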