Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-10197

Опубликовано: 03 сент. 2019
Источник: nvd
CVSS3: 6.5
CVSS3: 9.1
CVSS2: 6.4
EPSS Низкий

Описание

A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
Версия от 4.9.0 (включая) до 4.9.13 (включая)
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
Версия от 4.10.0 (включая) до 4.10.8 (включая)
cpe:2.3:a:samba:samba:4.9.0:rc1:*:*:*:*:*:*
cpe:2.3:a:samba:samba:4.9.0:rc2:*:*:*:*:*:*
cpe:2.3:a:samba:samba:4.9.0:rc3:*:*:*:*:*:*
cpe:2.3:a:samba:samba:4.9.0:rc4:*:*:*:*:*:*
cpe:2.3:a:samba:samba:4.9.0:rc5:*:*:*:*:*:*
cpe:2.3:a:samba:samba:4.10.0:rc1:*:*:*:*:*:*
cpe:2.3:a:samba:samba:4.10.0:rc2:*:*:*:*:*:*
cpe:2.3:a:samba:samba:4.10.0:rc3:*:*:*:*:*:*
cpe:2.3:a:samba:samba:4.10.0:rc4:*:*:*:*:*:*
cpe:2.3:a:samba:samba:4.11.0:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:4.11.0:rc1:*:*:*:*:*:*
cpe:2.3:a:samba:samba:4.11.0:rc2:*:*:*:*:*:*
cpe:2.3:a:samba:samba:4.11.0:rc3:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

EPSS

Процентиль: 89%
0.04729
Низкий

6.5 Medium

CVSS3

9.1 Critical

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-22
CWE-22

Связанные уязвимости

ubuntu логотип

CVE-2019-10197

CVSS3: 6.5
ubuntu
больше 6 лет назад

A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share.

redhat логотип

CVE-2019-10197

CVSS3: 6.5
redhat
больше 6 лет назад

A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share.

debian логотип

CVE-2019-10197

CVSS3: 6.5
debian
больше 6 лет назад

A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up ...

suse-cvrf логотип

openSUSE-SU-2019:2142-1

suse-cvrf
больше 6 лет назад

Security update for samba

github логотип

GHSA-v6g6-jxr8-2r44

CVSS3: 9.1
github
больше 3 лет назад

A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share.

EPSS

Процентиль: 89%
0.04729
Низкий

6.5 Medium

CVSS3

9.1 Critical

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-22
CWE-22