Ulf Troppens

**Name of the Vulnerable Software and Affected Versions** Samba versions 3.6.x through 3.6.5 IBM Storwize V7000 Unified versions 1.3 through 1.3.2.2 IBM Storwize V7000 Unified versions 1.4 through 1.4.0.0 **Description** The issue is related to the SMB2 implementation, which does not properly enforce CIFS share attributes. This allows remote authenticated users to write to a read-only share, trigger data-integrity problems, or have an unspecified impact by leveraging incorrect handling of certain parameters, such as `browseable` or `hide unreadable`. **Recommendations** For Samba versions 3.6.x through 3.6.5, update to version 3.6.6 or later. For IBM Storwize V7000 Unified versions 1.3 through 1.3.2.2, update to version 1.3.2.3 or later. For IBM Storwize V7000 Unified versions 1.4 through 1.4.0.0, update to version 1.4.0.1 or later.