CVE-2019-14902
CVE-2019-14902
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5.4EPSS 1.5%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Ciclo de vida
21 ene 2020Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Productos afectados
[UNKNOWN] · samba¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00055.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14902https://lists.debian.org/debian-lts-announce/2021/05/msg00023.htmlhttps://lists.debian.org/debian-lts-announce/2023/09/msg00013.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ACZVNMIFQGGXNJPMHAVBN3H2U65FXQY/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GQ6U65I2K23YJC4FESW477WL55TU3PPT/https://security.gentoo.org/glsa/202003-52https://security.netapp.com/advisory/ntap-20200122-0001/https://usn.ubuntu.com/4244-1/https://www.samba.org/samba/security/CVE-2019-14902.htmlhttps://www.synology.com/security/advisory/Synology_SA_20_01