CVE-2020-14318

2020-10-2900:00:00

ubuntu.com

samba

file permissions

directory permissions

authenticated user

information disclosure

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS

0.001

Percentile

40.5%

JSON

A flaw was found in the way samba handled file and directory permissions.
An authenticated user could use this flaw to gain access to certain file
and directory information which otherwise would be unavailable to the
attacker.

Bugs

<https://bugzilla.samba.org/show_bug.cgi?id=14434>

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchsamba< 2:4.7.6+dfsg~ubuntu-0ubuntu2.21UNKNOWN
ubuntu20.04noarchsamba< 2:4.11.6+dfsg-0ubuntu1.6UNKNOWN
ubuntu20.10noarchsamba< 2:4.12.5+dfsg-3ubuntu4.1UNKNOWN
ubuntu21.04noarchsamba< 2:4.12.5+dfsg-3ubuntu4.1UNKNOWN
ubuntu14.04noarchsamba< 2:4.3.11+dfsg-0ubuntu0.14.04.20+esm11UNKNOWN
ubuntu16.04noarchsamba< 2:4.3.11+dfsg-0ubuntu0.16.04.32UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	samba	< 2:4.7.6+dfsg~ubuntu-0ubuntu2.21	UNKNOWN
ubuntu	20.04	noarch	samba	< 2:4.11.6+dfsg-0ubuntu1.6	UNKNOWN
ubuntu	20.10	noarch	samba	< 2:4.12.5+dfsg-3ubuntu4.1	UNKNOWN
ubuntu	21.04	noarch	samba	< 2:4.12.5+dfsg-3ubuntu4.1	UNKNOWN
ubuntu	14.04	noarch	samba	< 2:4.3.11+dfsg-0ubuntu0.14.04.20+esm11	UNKNOWN
ubuntu	16.04	noarch	samba	< 2:4.3.11+dfsg-0ubuntu0.16.04.32	UNKNOWN