CVE-2016-2112

MEDIUM

Samba - Security Feature Bypass

Title source: rule

Description

The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream.

References (37)

... and 17 more

Scores

CVSS v3 5.9
EPSS 0.1844
EPSS Percentile 95.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Classification

CWE
CWE-254
Status draft

Affected Products (50)

samba/samba
samba/samba
samba/samba
samba/samba
samba/samba
samba/samba
samba/samba
samba/samba
samba/samba
samba/samba
samba/samba
samba/samba
samba/samba
samba/samba
samba/samba
... and 35 more

Timeline

Published Apr 25, 2016
Tracked Since Feb 18, 2026