Medium severity4.3NVD Advisory· Published Aug 22, 2018· Updated Jun 17, 2026
CVE-2018-10919
CVE-2018-10919
Description
The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
11- Range: <4.6.16, <4.7.9, <4.8.4
- osv-coords9 versionspkg:rpm/opensuse/samba&distro=openSUSE%20Tumbleweedpkg:rpm/suse/samba&distro=SUSE%20Enterprise%20Storage%205pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP3pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3
< 4.14.6+git.182.2205d5224e3-1.1+ 8 more
- (no CPE)range: < 4.14.6+git.182.2205d5224e3-1.1
- (no CPE)range: < 4.6.16+git.124.aee309c5c18-3.32.1
- (no CPE)range: < 4.6.16+git.124.aee309c5c18-3.32.1
- (no CPE)range: < 4.6.16+git.124.aee309c5c18-3.32.1
- (no CPE)range: < 4.7.8+git.86.94b6d10f7dd-4.15.1
- (no CPE)range: < 4.7.8+git.86.94b6d10f7dd-4.15.1
- (no CPE)range: < 4.6.16+git.124.aee309c5c18-3.32.1
- (no CPE)range: < 4.6.16+git.124.aee309c5c18-3.32.1
- (no CPE)range: < 4.6.16+git.124.aee309c5c18-3.32.1
- The Samba Team/sambav5Range: 4.6.16
Patches
Vulnerability mechanics
References
7- www.samba.org/samba/security/CVE-2018-10919.htmlnvdPatchVendor Advisory
- www.securityfocus.com/bid/105081nvdThird Party AdvisoryVDB Entry
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- security.netapp.com/advisory/ntap-20180814-0001/nvdThird Party Advisory
- usn.ubuntu.com/3738-1/nvdThird Party Advisory
- www.debian.org/security/2018/dsa-4271nvdThird Party Advisory
- security.gentoo.org/glsa/202003-52nvd
News mentions
0No linked articles in our index yet.