Unrated severityNVD Advisory· Published Aug 22, 2018· Updated Aug 5, 2024
CVE-2018-10919
CVE-2018-10919
Description
The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.
Affected products
10- osv-coords9 versionspkg:rpm/opensuse/samba&distro=openSUSE%20Tumbleweedpkg:rpm/suse/samba&distro=SUSE%20Enterprise%20Storage%205pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP3pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3
< 4.14.6+git.182.2205d5224e3-1.1+ 8 more
- (no CPE)range: < 4.14.6+git.182.2205d5224e3-1.1
- (no CPE)range: < 4.6.16+git.124.aee309c5c18-3.32.1
- (no CPE)range: < 4.6.16+git.124.aee309c5c18-3.32.1
- (no CPE)range: < 4.6.16+git.124.aee309c5c18-3.32.1
- (no CPE)range: < 4.7.8+git.86.94b6d10f7dd-4.15.1
- (no CPE)range: < 4.7.8+git.86.94b6d10f7dd-4.15.1
- (no CPE)range: < 4.6.16+git.124.aee309c5c18-3.32.1
- (no CPE)range: < 4.6.16+git.124.aee309c5c18-3.32.1
- (no CPE)range: < 4.6.16+git.124.aee309c5c18-3.32.1
- The Samba Team/sambav5Range: 4.6.16
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- security.gentoo.org/glsa/202003-52mitrevendor-advisoryx_refsource_GENTOO
- usn.ubuntu.com/3738-1/mitrevendor-advisoryx_refsource_UBUNTU
- www.debian.org/security/2018/dsa-4271mitrevendor-advisoryx_refsource_DEBIAN
- www.securityfocus.com/bid/105081mitrevdb-entryx_refsource_BID
- bugzilla.redhat.com/show_bug.cgimitrex_refsource_CONFIRM
- security.netapp.com/advisory/ntap-20180814-0001/mitrex_refsource_CONFIRM
- www.samba.org/samba/security/CVE-2018-10919.htmlmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.