Samba is susceptible to multiple vulnerabilities as used in IBM QRadar SIEM.
CVE-ID: CVE-2016-2110 **
Description:Samba could allow a remote attacker to bypass security restrictions, caused by the failure to protect the feature negotiation of NTLMSSP from a downgrade. A remote attacker could exploit this vulnerability using man-in-the-middle techniques to clear NTLMSSP_NEGOTIATE_SIGN and NTLMSSP_NEGOTIATE_SEAL flags and perform downgrade attacks. **
CVSS Base Score: 4.3**
CVSS Temporal Score:** See https://exchange.xforce.ibmcloud.com/vulnerabilities/111937 for the current score**
CVSS Environmental Score:** Undefined*
CVSS Vector:** CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
**
CVE-ID:CVE-2016-2112 **
Description:Samba could allow a remote attacker to bypass security restrictions, caused by the failure to enforce integrity protection by the LDAP client and server. A remote attacker could exploit this vulnerability using man-in-the-middle techniques to downgrade LDAP connections. **
CVSS Base Score: 4.3
CVSS Temporal Score:** See https://exchange.xforce.ibmcloud.com/vulnerabilities/111939 for the current score**
CVSS Environmental Score:** Undefined*
CVSS Vector:** CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
**
CVE-ID:CVE-2016-2115 **
Description:Samba could allow a remote attacker to bypass security restrictions, caused by the failure to protect the integrity of SMB client connections for IPC traffic. A remote attacker could exploit this vulnerability using man-in-the-middle techniques to perform unauthorized actions. **
CVSS Base Score: 4.3
CVSS Temporal Score:** See https://exchange.xforce.ibmcloud.com/vulnerabilities/111942 for the current score**
CVSS Environmental Score:** Undefined*
CVSS Vector:** CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
ยท IBM QRadar 7.1.n
ยท IBM QRadar 7.2.n
ยท QRadar / QRM / QVM / QRIF 7.2.6 Patch 7
ยท IBM QRadar SIEM 7.1 MR2 Patch 13
None