CVE-2021-20316

EPSS 0.8%CWE-362

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 0.8%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado

Lifecycle

23 Aug 2022Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share.

Affected products

n/a · samba

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://access.redhat.com/security/cve/CVE-2021-20316 https://bugzilla.redhat.com/show_bug.cgi?id=2009673 https://bugzilla.samba.org/show_bug.cgi?id=14842 https://security.gentoo.org/glsa/202309-06 https://security-tracker.debian.org/tracker/CVE-2021-20316 https://www.samba.org/samba/security/CVE-2021-20316.html