PT-2021-5220 · Samba+9 · Samba+9

Published

2021-11-09

·

Updated

2024-06-15

·

CVE-2020-25717

CVSS v2.0

8.5

High

VectorAV:N/AC:L/Au:S/C:C/I:C/A:N
Name of the Vulnerable Software and Affected Versions Samba (affected versions not specified)
Description A flaw in Samba's domain user to local user mapping could allow an authenticated attacker to potentially escalate privileges. The vulnerability is related to the creation of domain accounts with elevated privileges, which could be exploited by a remote attacker to gain increased privileges.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-264CWE-20

Related Identifiers

ALSA-2021:5082
ALSA-2022:0332
ALT-PU-2021-3247
ALT-PU-2021-3296
ALT-PU-2021-3339
ALT-PU-2021-3470
AZL-36993
AZL-8650
BDU:2021-06022
CESA-2021_5082
CESA-2021_5192
CVE-2020-25717
DSA-5003-1
DSA-5015-1
DSA-5071-1
ECHO-4106-E27C-FA14
MGASA-2021-0585
OESA-2021-1446
OPENSUSE-SU-2021:1471-1
OPENSUSE-SU-2021:3647-1
OPENSUSE-SU-2021:3650-1
OPENSUSE-SU-2021:3662-1
OPENSUSE-SU-2021:3674-1
OPENSUSE-SU-2021_1471-1
OPENSUSE-SU-2021_3647-1
OPENSUSE-SU-2021_3650-1
OPENSUSE-SU-2021_3662-1
OPENSUSE-SU-2021_3674-1
OPENSUSE-SU-2024:11631-1
RHSA-2021:4843
RHSA-2021:4844
RHSA-2021:5082
RHSA-2021:5192
RHSA-2021_5082
RHSA-2021_5192
RHSA-2022:0008
RHSA-2022:0074
RHSA-2022:0133
RHSA-2022:0443
RLSA-2021:5082
SUSE-RU-2021:4095-1
SUSE-RU-2021:4117-1
SUSE-RU-2021:4126-1
SUSE-RU-2021:4127-1
SUSE-RU-2021:4149-1
SUSE-RU-2021:4173-1
SUSE-RU-2021:4173-2
SUSE-SU-2021:3647-1
SUSE-SU-2021:3649-1
SUSE-SU-2021:3650-1
SUSE-SU-2021:3662-1
SUSE-SU-2021:3673-1
SUSE-SU-2021:3674-1
SUSE-SU-2021:3746-1
SUSE-SU-2021:3747-1
SUSE-SU-2021_3662-1
SUSE-SU-2022:0361-1
USN-5142-1
USN-5142-2
USN-5142-3
USN-5174-1
USN-5174-2

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Red Hat
Rocky Linux
Samba
Suse
Ubuntu