CVE-2018-1057

{"id": "CVE-2018-1057", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2018-03-13T16:29:00.287", "references": [{"url": "http://www.securityfocus.com/bid/103382", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id/1040494", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553553", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00013.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://security.gentoo.org/glsa/201805-07", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://security.netapp.com/advisory/ntap-20180313-0001/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://usn.ubuntu.com/3595-1/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.debian.org/security/2018/dsa-4135", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.samba.org/samba/security/CVE-2018-1057.html", "tags": ["Mitigation", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.synology.com/support/security/Synology_SA_18_08", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/103382", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1040494", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553553", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00013.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.gentoo.org/glsa/201805-07", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.netapp.com/advisory/ntap-20180313-0001/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://usn.ubuntu.com/3595-1/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.debian.org/security/2018/dsa-4135", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.samba.org/samba/security/CVE-2018-1057.html", "tags": ["Mitigation", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.synology.com/support/security/Synology_SA_18_08", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-863"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-863"}]}], "descriptions": [{"lang": "en", "value": "On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' passwords, including administrative users and privileged service accounts (eg Domain Controllers)."}, {"lang": "es", "value": "En Samba 4 AD DC, el servidor LDAP en todas las versiones de Samba, desde la 4.0.0 en adelante, valida incorrectamente los permisos para modificar contrase\u00f1as por LDAP. Esto permite que usuarios autenticados cambien las contrase\u00f1as de cualquier otro usuario, incluyendo usuarios administrativos y cuentas de servicio privilegiadas (por ejemplo, Domain Controllers)."}], "lastModified": "2024-11-21T03:59:05.140", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "A0B1E5F7-5866-424F-B6E6-C7D1DC747DBA"}, {"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C46F9B88-6D5A-4C14-B7ED-A6DE9E3A7E69", "versionEndExcluding": "4.5.16", "versionStartIncluding": "4.0.0"}, {"criteria": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "908F420E-C970-44FA-8FAB-F05C73E276EB", "versionEndExcluding": "4.6.14", "versionStartIncluding": "4.6.0"}, {"criteria": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5516C6B6-6886-42BB-9109-3684575091D4", "versionEndExcluding": "4.7.6", "versionStartIncluding": "4.7.0"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}