High severity7.2NVD Advisory· Published Feb 18, 2022· Updated Jun 17, 2026
CVE-2020-25719
CVE-2020-25719
Description
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
42(expand)+ 1 more
- (no CPE)
- (no CPE)
- osv-coords40 versionspkg:rpm/almalinux/bind-dyndb-ldappkg:rpm/almalinux/custodiapkg:rpm/almalinux/ipa-clientpkg:rpm/almalinux/ipa-client-commonpkg:rpm/almalinux/ipa-client-epnpkg:rpm/almalinux/ipa-client-sambapkg:rpm/almalinux/ipa-commonpkg:rpm/almalinux/ipa-healthcheckpkg:rpm/almalinux/ipa-healthcheck-corepkg:rpm/almalinux/ipa-python-compatpkg:rpm/almalinux/ipa-selinuxpkg:rpm/almalinux/ipa-serverpkg:rpm/almalinux/ipa-server-commonpkg:rpm/almalinux/ipa-server-dnspkg:rpm/almalinux/ipa-server-trust-adpkg:rpm/almalinux/opendnssecpkg:rpm/almalinux/python3-custodiapkg:rpm/almalinux/python3-ipaclientpkg:rpm/almalinux/python3-ipalibpkg:rpm/almalinux/python3-ipaserverpkg:rpm/almalinux/python3-ipatestspkg:rpm/almalinux/python3-jwcryptopkg:rpm/almalinux/python3-kdcproxypkg:rpm/almalinux/python3-pyusbpkg:rpm/almalinux/python3-qrcodepkg:rpm/almalinux/python3-qrcode-corepkg:rpm/almalinux/python3-yubicopkg:rpm/almalinux/slapi-nispkg:rpm/almalinux/softhsmpkg:rpm/almalinux/softhsm-develpkg:rpm/opensuse/ldb&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/samba&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/samba&distro=openSUSE%20Tumbleweedpkg:rpm/suse/ldb&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/samba&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP3pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP3
< 11.6-2.module_el8.5.0+2603+92118e57+ 39 more
- (no CPE)range: < 11.6-2.module_el8.5.0+2603+92118e57
- (no CPE)range: < 0.6.0-3.module_el8.6.0+2881+2f24dc92
- (no CPE)range: < 4.9.6-10.module_el8.5.0+2603+92118e57
- (no CPE)range: < 4.9.6-10.module_el8.5.0+2603+92118e57
- (no CPE)range: < 4.9.6-10.module_el8.5.0+2603+92118e57
- (no CPE)range: < 4.9.6-10.module_el8.5.0+2603+92118e57
- (no CPE)range: < 4.9.6-10.module_el8.5.0+2603+92118e57
- (no CPE)range: < 0.7-6.module_el8.5.0+2603+92118e57
- (no CPE)range: < 0.7-6.module_el8.5.0+2603+92118e57
- (no CPE)range: < 4.9.6-10.module_el8.5.0+2603+92118e57
- (no CPE)range: < 4.9.6-10.module_el8.5.0+2603+92118e57
- (no CPE)range: < 4.9.6-10.module_el8.5.0+2603+92118e57
- (no CPE)range: < 4.9.6-10.module_el8.5.0+2603+92118e57
- (no CPE)range: < 4.9.6-10.module_el8.5.0+2603+92118e57
- (no CPE)range: < 4.9.6-10.module_el8.5.0+2603+92118e57
- (no CPE)range: < 2.1.7-1.module_el8.6.0+2881+2f24dc92
- (no CPE)range: < 0.6.0-3.module_el8.6.0+2881+2f24dc92
- (no CPE)range: < 4.9.6-10.module_el8.5.0+2603+92118e57
- (no CPE)range: < 4.9.6-10.module_el8.5.0+2603+92118e57
- (no CPE)range: < 4.9.6-10.module_el8.5.0+2603+92118e57
- (no CPE)range: < 4.9.6-10.module_el8.5.0+2603+92118e57
- (no CPE)range: < 0.5.0-1.module_el8.5.0+2603+92118e57
- (no CPE)range: < 0.4-5.module_el8.5.0+2603+92118e57
- (no CPE)range: < 1.0.0-9.module_el8.5.0+2603+92118e57
- (no CPE)range: < 5.1-12.module_el8.5.0+2603+92118e57
- (no CPE)range: < 5.1-12.module_el8.6.0+2737+7e73ea90
- (no CPE)range: < 1.3.2-9.module_el8.6.0+2737+7e73ea90
- (no CPE)range: < 0.56.6-4.module_el8.6.0+2881+2f24dc92
- (no CPE)range: < 2.6.0-5.module_el8.5.0+2603+92118e57
- (no CPE)range: < 2.6.0-5.module_el8.6.0+2881+2f24dc92
- (no CPE)range: < 2.2.2-3.3.1
- (no CPE)range: < 4.13.13+git.528.140935f8d6a-3.12.1
- (no CPE)range: < 4.15.2+git.193.a4d6307f1fd-1.1
- (no CPE)range: < 2.2.2-4.6.1
- (no CPE)range: < 2.2.2-3.3.1
- (no CPE)range: < 2.2.2-3.3.1
- (no CPE)range: < 4.13.13+git.545.5897c2d94f3-3.12.1
- (no CPE)range: < 4.13.13+git.528.140935f8d6a-3.12.1
- (no CPE)range: < 4.13.13+git.528.140935f8d6a-3.12.1
- (no CPE)range: < 4.13.13+git.528.140935f8d6a-3.12.1
Patches
Vulnerability mechanics
References
3- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
- www.samba.org/samba/security/CVE-2020-25719.htmlnvdMitigationVendor Advisory
- security.gentoo.org/glsa/202309-06nvd
News mentions
0No linked articles in our index yet.