Partha

**Name of the Vulnerable Software and Affected Versions** Samba versions 3.x through 4.1.21 Samba versions 4.2.x through 4.2.6 Samba versions 4.3.x through 4.3.2 **Description** The issue is related to the `shadow copy2 get shadow copy data` function, which does not verify that the DIRECTORY LIST access right has been granted. This allows remote attackers to access snapshots by visiting a shadow copy directory, potentially leading to information disclosure. The vulnerability can be exploited by remote attackers to gain access to confidential data. **Recommendations** For Samba versions 3.x through 4.1.21, update to version 4.1.22 or later. For Samba versions 4.2.x through 4.2.6, update to version 4.2.7 or later. For Samba versions 4.3.x through 4.3.2, update to version 4.3.3 or later. As a temporary workaround, consider restricting access to the shadow copy directory to minimize the risk of exploitation.