Unrated severityNVD Advisory· Published Jul 29, 2011· Updated Jun 16, 2026
CVE-2011-2522
CVE-2011-2522
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allow remote attackers to hijack the authentication of administrators for requests that (1) shut down daemons, (2) start daemons, (3) add shares, (4) remove shares, (5) add printers, (6) remove printers, (7) add user accounts, or (8) remove user accounts, as demonstrated by certain start, stop, and restart parameters to the status program.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*range: >=3.0.0,<3.3.16
- (no CPE)range: <3.5.10
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
Patches
Vulnerability mechanics
References
19- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
- bugzilla.samba.org/show_bug.cginvdIssue TrackingPatchThird Party Advisory
- www.exploit-db.com/exploits/17577nvdExploitThird Party AdvisoryVDB Entry
- jvn.jp/en/jp/JVN29529126/index.htmlnvdThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- samba.org/samba/history/samba-3.5.10.htmlnvdVendor Advisory
- secunia.com/advisories/45393nvdThird Party Advisory
- secunia.com/advisories/45488nvdThird Party Advisory
- secunia.com/advisories/45496nvdThird Party Advisory
- securityreason.com/securityalert/8317nvdThird Party Advisory
- securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- ubuntu.com/usn/usn-1182-1nvdThird Party Advisory
- www.debian.org/security/2011/dsa-2290nvdThird Party Advisory
- www.samba.org/samba/security/CVE-2011-2522nvdVendor Advisory
- www.securityfocus.com/bid/48899nvdThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/68843nvdThird Party AdvisoryVDB Entry
- osvdb.org/74071nvdBroken Link
- www.itrc.hp.com/service/cki/docDisplay.donvdBroken Link
- www.mandriva.com/security/advisoriesnvdBroken Link
News mentions
0No linked articles in our index yet.