Rapid7 Vulnerability & Exploit Database

Samba CVE-2019-14902: Replication of ACLs set to inherit down a subtree on AD Directory not automatic

Back to Search

Samba CVE-2019-14902: Replication of ACLs set to inherit down a subtree on AD Directory not automatic

Severity
6
CVSS
(AV:N/AC:L/Au:S/C:P/I:P/A:N)
Published
01/21/2020
Created
01/25/2020
Added
01/24/2020
Modified
01/31/2020

Description

There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers.

Solution(s)

  • samba-upgrade-4_10_12
  • samba-upgrade-4_11_5
  • samba-upgrade-4_9_18

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;