Unrated severityNVD Advisory· Published Jan 17, 2013· Updated Jun 16, 2026
CVE-2013-0172
CVE-2013-0172
Description
Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:samba:samba:4.0.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:samba:samba:4.0.0:*:*:*:*:*:*:*
- (no CPE)range: >=4.0.0, <4.0.1
Patches
Vulnerability mechanics
References
1- www.samba.org/samba/security/CVE-2013-0172nvdVendor Advisory
News mentions
0No linked articles in our index yet.