Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. An attacker could use this flaw to cause total domain compromise.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2019764 | Issue Tracking Patch Third Party Advisory |
https://security.gentoo.org/glsa/202309-06 | |
https://www.samba.org/samba/security/CVE-2020-25722.html | Mitigation Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
17 Sep 2023, 09:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
25 Feb 2022, 17:30
Type | Values Removed | Values Added |
---|---|---|
First Time |
Debian debian Linux
Samba Debian Canonical ubuntu Linux Samba samba Fedoraproject fedora Canonical Fedoraproject |
|
CWE | CWE-863 | |
CPE | cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:21.04:*:*:*:*:*:*:* cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:* cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 6.5
v3 : 8.8 |
References | (MISC) https://www.samba.org/samba/security/CVE-2020-25722.html - Mitigation, Vendor Advisory | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2019764 - Issue Tracking, Patch, Third Party Advisory |
18 Feb 2022, 18:33
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-02-18 18:15
Updated : 2023-12-10 14:22
NVD link : CVE-2020-25722
Mitre link : CVE-2020-25722
CVE.ORG link : CVE-2020-25722
JSON object : View
Products Affected
canonical
- ubuntu_linux
fedoraproject
- fedora
samba
- samba
debian
- debian_linux
CWE
CWE-863
Incorrect Authorization