← back
CVE-2016-2124

CVE-2016-2124

EPSS 1.8%CWE-287
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.8%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
18 Feb 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.
Affected products
n/a · samba

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugzilla.redhat.com/show_bug.cgi?id=2019660https://lists.debian.org/debian-lts-announce/2023/09/msg00013.htmlhttps://security.gentoo.org/glsa/202309-06https://www.samba.org/samba/security/CVE-2016-2124.html