CVE-2014-2581
HIGHsmb4k < 1.1.1 - Insufficiently Protected Credentials via cuid Option
Title source: llmDescription
Smb4K before 1.1.1 allows remote attackers to obtain credentials via vectors related to the cuid option in the "Additional options" line edit.
References (6)
Core 6
Core References
Release Notes, Third Party Advisory x_refsource_confirm
http://sourceforge.net/projects/smb4k/files/1.1.1/
Mailing List, Third Party Advisory x_refsource_misc
http://www.openwall.com/lists/oss-security/2014/03/24/1
Mailing List, Third Party Advisory x_refsource_misc
http://www.openwall.com/lists/oss-security/2014/03/25/5
Mailing List, Third Party Advisory x_refsource_confirm
http://lists.fedoraproject.org/pipermail/package-announce/2014-June/133898.html
Mailing List, Third Party Advisory x_refsource_confirm
http://lists.fedoraproject.org/pipermail/package-announce/2014-June/133901.html
Issue Tracking, Patch, Third Party Advisory x_refsource_misc
https://bugs.gentoo.org/505376
Scores
CVSS v3
7.5
EPSS
0.0263
EPSS Percentile
83.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-522
Status
published
Products (3)
fedoraproject/fedora
19
fedoraproject/fedora
20
smb4k_project/smb4k
< 1.1.1
Published
Jan 28, 2020
Tracked Since
Feb 18, 2026