CVE-2018-10919 Vulnerability Details

  /     /     /  

CVE-2018-10919 Metadata Quick Info

CVE Published: 22/08/2018 | CVE Updated: 05/08/2024 | CVE Year: 2018
Source: redhat | Vendor: The Samba Team | Product: samba
Status : PUBLISHED

---

CVE-2018-10919 Description

The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-203
CWE Name: CWE-203
Source: The Samba Team

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).