Privilege Escalation Vulnerability in Samba Product by Samba Team
CVE-2020-25717

8.1HIGH

Key Information:

Vendor: Samba
Status: Samba
Vendor: CVE Published:; 18 February 2022

What is CVE-2020-25717?

A security flaw has been identified in the Samba software that relates to the mapping of domain users to local users. This issue may allow an authenticated attacker to leverage the vulnerability for privilege escalation, potentially granting them elevated access to system resources and sensitive data. It is crucial for users to apply the relevant patches to mitigate this risk and ensure system integrity.

Affected Version(s)

samba samba 4.15.2, samba 4.14.10, samba 4.13.14

References

https://bugzilla.redhat.com/show_bug.cgi?id=2019672

https://www.samba.org/samba/security/CVE-2020-25717.html

https://security.gentoo.org/glsa/202309-06

vendor-advisory

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 18, 2022
Vulnerability Reserved
Sep 16, 2020