Unrated severityNVD Advisory· Published Apr 3, 2023· Updated Feb 13, 2025
CVE-2023-0614
CVE-2023-0614
Description
The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC.
Affected products
34- Samba/Samba AD DCdescription
- osv-coords33 versionspkg:rpm/opensuse/ldb&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/ldb&distro=openSUSE%20Leap%20Micro%205.3pkg:rpm/opensuse/ldb&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/samba&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/samba&distro=openSUSE%20Leap%20Micro%205.3pkg:rpm/opensuse/samba&distro=openSUSE%20Tumbleweedpkg:rpm/suse/ldb&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOSpkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3pkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/ldb&distro=SUSE%20Manager%20Proxy%204.2pkg:rpm/suse/ldb&distro=SUSE%20Manager%20Server%204.2pkg:rpm/suse/samba&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP3pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP4pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOSpkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/samba&distro=SUSE%20Manager%20Proxy%204.2pkg:rpm/suse/samba&distro=SUSE%20Manager%20Server%204.2
< 2.4.4-150400.4.11.1+ 32 more
- (no CPE)range: < 2.4.4-150400.4.11.1
- (no CPE)range: < 2.4.4-150400.4.11.1
- (no CPE)range: < 2.7.2-1.1
- (no CPE)range: < 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
- (no CPE)range: < 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
- (no CPE)range: < 4.18.1+git.298.4ccf830b2a4-1.1
- (no CPE)range: < 2.4.4-150300.3.23.1
- (no CPE)range: < 2.4.4-150300.3.23.1
- (no CPE)range: < 2.4.4-150300.3.23.1
- (no CPE)range: < 2.4.4-150300.3.23.1
- (no CPE)range: < 2.4.4-150300.3.23.1
- (no CPE)range: < 2.4.4-150400.4.11.1
- (no CPE)range: < 2.4.4-150400.4.11.1
- (no CPE)range: < 2.4.4-150400.4.11.1
- (no CPE)range: < 2.4.4-150300.3.23.1
- (no CPE)range: < 2.4.4-150300.3.23.1
- (no CPE)range: < 2.4.4-150300.3.23.1
- (no CPE)range: < 2.4.4-150300.3.23.1
- (no CPE)range: < 2.4.4-150300.3.23.1
- (no CPE)range: < 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
- (no CPE)range: < 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
- (no CPE)range: < 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
- (no CPE)range: < 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
- (no CPE)range: < 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
- (no CPE)range: < 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
- (no CPE)range: < 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
- (no CPE)range: < 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
- (no CPE)range: < 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
- (no CPE)range: < 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
- (no CPE)range: < 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
- (no CPE)range: < 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
- (no CPE)range: < 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
- (no CPE)range: < 4.15.13+git.636.53d93c5b9d6-150300.3.52.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YXBPYIA4VWNOD437NAHZ3NXKAETLFB5S/mitrevendor-advisory
- security.gentoo.org/glsa/202309-06mitrevendor-advisory
- security.netapp.com/advisory/ntap-20230406-0007/mitre
- www.samba.org/samba/security/CVE-2023-0614.htmlmitre
News mentions
0No linked articles in our index yet.