vulnerability
Samba CVE-2017-12150: Numerous CVEs. Please see the announcements for details.
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:M/Au:N/C:P/I:P/A:N) | 2017-09-29 | 2017-09-29 | 2024-11-27 |
Severity
6
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:N)
Published
2017-09-29
Added
2017-09-29
Modified
2024-11-27
Description
It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.
Solution(s)
samba-upgrade-4_4_16samba-upgrade-4_5_14samba-upgrade-4_6_8
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.