Lucene search

RedhatVULNRICHMENT:CVE-2023-5568

HistoryOct 24, 2023 - 9:56 p.m.

CVE-2023-5568 Samba: heap buffer overflow with freshness tokens in the heimdal kdc

2023-10-2421:56:41

CWE-122

redhat

github.com

buffer overflow

denial of service

samba

cve-2023-5568

heimdal kdc

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H

AI Score

5.9

Confidence

High

EPSS

0.002

Percentile

64.8%

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

A heap-based Buffer Overflow flaw was discovered in Samba. It could allow a remote, authenticated attacker to exploit this vulnerability to cause a denial of service.

References

access.redhat.com/security/cve/CVE-2023-5568

bugzilla.redhat.com/show_bug.cgi?id=2245174

bugzilla.samba.org/show_bug.cgi?id=15491

www.samba.org/samba/history/samba-4.19.2.html

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H

AI Score

5.9

Confidence

High

EPSS

0.002

Percentile

64.8%

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

Related for VULNRICHMENT:CVE-2023-5568