Описание
A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious client or an attacker with a targeted RPC request to view the information that is part of the disclosed path.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | samba | Out of support scope | ||
| Red Hat Enterprise Linux 6 | samba4 | Out of support scope | ||
| Red Hat Enterprise Linux 7 | samba | Out of support scope | ||
| Red Hat Storage 3 | samba | Affected | ||
| Red Hat Enterprise Linux 8 | samba | Fixed | RHSA-2023:7139 | 14.11.2023 |
| Red Hat Enterprise Linux 8 | samba | Fixed | RHSA-2023:7139 | 14.11.2023 |
| Red Hat Enterprise Linux 8.6 Extended Update Support | samba | Fixed | RHSA-2024:0423 | 25.01.2024 |
| Red Hat Enterprise Linux 8.8 Extended Update Support | samba | Fixed | RHSA-2024:0580 | 30.01.2024 |
| Red Hat Enterprise Linux 9 | samba | Fixed | RHSA-2023:6667 | 07.11.2023 |
| Red Hat Enterprise Linux 9 | samba | Fixed | RHSA-2023:6667 | 07.11.2023 |
Показывать по
Дополнительная информация
Статус:
EPSS
5.3 Medium
CVSS3
Связанные уязвимости
A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious client or an attacker with a targeted RPC request to view the information that is part of the disclosed path.
A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious client or an attacker with a targeted RPC request to view the information that is part of the disclosed path.
A path disclosure vulnerability was found in Samba. As part of the Spo ...
A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious client or an attacker with a targeted RPC request to view the information that is part of the disclosed path.
Уязвимость пакета программ сетевого взаимодействия Samba, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальным данным
EPSS
5.3 Medium
CVSS3