5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
0.001 Low
EPSS
Percentile
38.1%
samba is vulnerable to Authorization Bypasses. The vulnerability occurs when an attacker sends a specially crafted SMB2
packet to a Samba server. If the packet is valid, the Samba server could be tricked into entering a man-in-the-middle attack, by intercepting the network traffic and modifying the SMB2 messages.
access.redhat.com/errata/RHSA-2023:4325
access.redhat.com/errata/RHSA-2023:4328
access.redhat.com/security/cve/CVE-2023-3347
bugzilla.redhat.com/show_bug.cgi?id=2222792
lists.fedoraproject.org/archives/list/[email protected]/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/
lists.fedoraproject.org/archives/list/[email protected]/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/
security-tracker.debian.org/tracker/CVE-2023-3347
security.netapp.com/advisory/ntap-20230731-0010/
www.debian.org/security/2023/dsa-5477
www.samba.org/samba/security/CVE-2023-3347.html