Lucene search

K

Redhat.comRH:CVE-2023-0614

HistoryMar 30, 2023 - 1:00 p.m.

CVE-2023-0614

2023-03-3013:00:41

redhat.com

access.redhat.com

61

samba

vulnerability

bitlocker

ldap

filters

attacker

disclosure

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

46.5%

A vulnerability was found in Samba. Confidential attribute disclosure via LDAP filters is insufficient, which may allow an attacker to obtain confidential BitLocker recovery keys from a Samba AD DC.

References

bugzilla.redhat.com/show_bug.cgi?id=2182776

nvd.nist.gov/vuln/detail/CVE-2023-0614

www.cve.org/CVERecord?id=CVE-2023-0614

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

46.5%

Related for RH:CVE-2023-0614

ubuntu2 openvas16 osv3 nessus20 veracode1 samba1 ubuntucve1 prion1 cvelist1 alpinelinux1 debiancve1 cve1 fedora6 nvd1 cloudfoundry1 mageia1 altlinux1 freebsd1 photon3 rosalinux1 gentoo1