← voltar
CVE-2018-14628

CVE-2018-14628

EPSS 1.2%CWE-862
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 1.2%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
17 jan 2023Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store.
Produtos afetados
n/a · Samba

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://bugzilla.redhat.com/show_bug.cgi?id=1625445https://bugzilla.samba.org/show_bug.cgi?id=13595https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DK57HQRTCDOZDIIICYWQ4Z5IQXTWVVW/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVMYEP5KJRL3FWSCZW2MQZ26IVPXY62/https://security.netapp.com/advisory/ntap-20230223-0008/http://www.openwall.com/lists/oss-security/2023/11/28/4