CVE-2020-25722

HIGH

Samba >=4.0.0 <4.13.14 - Incorrect Authorization

Description

Multiple flaws were found in the way the Samba AD DC implemented access and conformance checking of stored data. An attacker could use these flaws to cause total domain compromise.

References (3)

Core References
Third Party Advisory vendor-advisory
https://security.gentoo.org/glsa/202309-06
Issue Tracking, Patch, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2019764

Scores

CVSS v3 8.8
EPSS 0.0041
EPSS Percentile 61.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-863
Status published
Products (10)
canonical/ubuntu_linux 18.04
canonical/ubuntu_linux 20.04
canonical/ubuntu_linux 21.04
canonical/ubuntu_linux 21.10
debian/debian_linux 9.0
debian/debian_linux 10.0
fedoraproject/fedora 33
fedoraproject/fedora 34
fedoraproject/fedora 35
samba/samba 4.0.0 - 4.13.14
Published Feb 18, 2022
Tracked Since Feb 18, 2026