Vulnerability CVE-2020-14318: Information

Description

A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker.

Severity: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

URL: https://nvd.nist.gov/vuln/detail/CVE-2020-14318
Published: Dec. 3, 2020
Modified: April 22, 2024
Error type identifier: CWE-266

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
sambasisyphus4.12.9-alt14.20.1-alt2ALT-PU-2020-3215-1260613Fixed
sambap104.12.9-alt14.19.6-alt2ALT-PU-2020-3215-1260613Fixed
sambap94.11.15-alt14.14.10-alt2ALT-PU-2020-3188-1260610Fixed
sambac10f14.12.9-alt14.16.11-alt2ALT-PU-2020-3215-1260613Fixed
sambac9f24.11.15-alt14.14.14-alt0.c9.1ALT-PU-2020-3271-1261533Fixed
sambap114.12.9-alt14.20.1-alt1ALT-PU-2020-3215-1260613Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://bugzilla.redhat.com/show_bug.cgi?id=1892631
  • Issue Tracking
  • Patch
  • Third Party Advisory
https://www.samba.org/samba/security/CVE-2020-14318.html
  • Vendor Advisory
GLSA-202012-24
  • Third Party Advisory
[debian-lts-announce] 20240422 [SECURITY] [DLA 3792-1] samba security update

      1. Configuration 1

        cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
        Start including
        4.12.0
        End excliding
        4.12.9
        cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
        Start including
        4.13.0
        End excliding
        4.13.1
        cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
        Start including
        3.6.0
        End excliding
        4.11.15

        Configuration 2

        cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
        cpe:2.3:a:redhat:storage:3.0:*:*:*:*:*:*:*
    VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
    Version: v24.5.3
    Back to top