PT-2021-7643 · Samba+6 · Samba+6

Pedro Sampaio

Published

2020-10-09

Updated

2024-11-15

CVE-2021-20251

CVSS v3.1

5.9

Medium

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions samba (affected versions not specified)

Description A flaw was found in samba, related to a race condition in the password lockout code. This issue may lead to the risk of brute force attacks being successful if special conditions are met, potentially allowing an attacker to disclose protected information. The vulnerability is associated with a lack of protection for service data.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Incorrect Privilege Assignment

Race Condition

Improper Access Control

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-266CWE-362CWE-284CWE-200

Related Identifiers

ALT-PU-2020-2979

ALT-PU-2020-3406

ALT-PU-2021-1580

ALT-PU-2024-14683

AZL-27917

AZL-36998

BDU:2023-00716

CVE-2021-20251

ECHO-1FB2-4B5E-F7DA

OPENSUSE-SU-2023_0160-1

OPENSUSE-SU-2023_0163-1

OPENSUSE-SU-2023_0222-1

OPENSUSE-SU-2024:12435-1

SUSE-SU-2023:0122-1

SUSE-SU-2023:0126-1

SUSE-SU-2023:0160-1

SUSE-SU-2023:0162-1

SUSE-SU-2023:0163-1

SUSE-SU-2023:0164-1

SUSE-SU-2023:0222-1

SUSE-SU-2023:0620-1

SUSE-SU-2023_0126-1

SUSE-SU-2023_0160-1

SUSE-SU-2023_0162-1

SUSE-SU-2023_0163-1

SUSE-SU-2023_0164-1

SUSE-SU-2023_0222-1

USN-5822-1

USN-5822-2

Affected Products

Alt Linux

Astra Linux

Debian

Linuxmint

Samba

Suse

Ubuntu

PT-2021-7643 · Samba+6 · Samba+6

CVE-2021-20251

Weakness Enumeration

Related Identifiers

Affected Products

References · 79