Unrated severityNVD Advisory· Published Mar 26, 2013· Updated Apr 29, 2026

CVE-2013-0454

Description

The SMB2 implementation in Samba 3.6.x before 3.6.6, as used on the IBM Storwize V7000 Unified 1.3 before 1.3.2.3 and 1.4 before 1.4.0.1 and possibly other products, does not properly enforce CIFS share attributes, which allows remote authenticated users to (1) write to a read-only share; (2) trigger data-integrity problems related to the oplock, locking, coherency, or leases attribute; or (3) have an unspecified impact by leveraging incorrect handling of the browseable or "hide unreadable" parameter.

Affected products

IBM/Storwize2 versions
cpe:2.3:a:ibm:storwize:v7000:1.3:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ibm:storwize:v7000:1.3:*:*:*:*:*:*
- cpe:2.3:a:ibm:storwize:v7000:1.4:*:*:*:*:*:*
Samba (software)/Samba6 versions
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*range: <=3.6.5
- cpe:2.3:a:samba:samba:3.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.6.4:*:*:*:*:*:*:*
Canonical/Ubuntu Linux
cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
osv-coords
pkg:rpm/opensuse/samba&distro=openSUSE%20Tumbleweed
Range: < 4.5.0-1.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.ibm.com/support/docview.wssnvdVendor Advisory
www.ubuntu.com/usn/USN-1802-1nvdVendor Advisory
www.samba.org/samba/security/CVE-2013-0454nvdVendor Advisory
bugzilla.redhat.com/show_bug.cginvd
bugzilla.samba.org/show_bug.cginvd
exchange.xforce.ibmcloud.com/vulnerabilities/80970nvd
lists.samba.org/archive/samba-announce/2012/000259.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000