2020-09-16 20:01:46 +00:00
{
"data_type" : "CVE" ,
"data_format" : "MITRE" ,
"data_version" : "4.0" ,
"CVE_data_meta" : {
"ID" : "CVE-2020-25721" ,
2022-03-16 15:02:12 +00:00
"ASSIGNER" : "secalert@redhat.com" ,
"STATE" : "PUBLIC"
} ,
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "n/a" ,
"product" : {
"product_data" : [
{
"product_name" : "samba" ,
"version" : {
"version_data" : [
{
"version_value" : "Affected - All versions since Samba 4.0.0, Fixed-In - v4.15.2, v4.14.10 and v4.13.14"
}
]
}
}
]
}
}
]
}
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "CWE-20 (Improper Input validation)"
}
]
}
]
} ,
"references" : {
"reference_data" : [
{
"refsource" : "MISC" ,
"name" : "https://www.samba.org/samba/security/CVE-2020-25721.html" ,
"url" : "https://www.samba.org/samba/security/CVE-2020-25721.html"
} ,
{
"refsource" : "MISC" ,
"name" : "https://bugzilla.samba.org/show_bug.cgi?id=14725" ,
"url" : "https://bugzilla.samba.org/show_bug.cgi?id=14725"
} ,
{
"refsource" : "MISC" ,
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2021728" ,
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2021728"
2023-09-17 09:00:34 +00:00
} ,
{
"refsource" : "GENTOO" ,
"name" : "GLSA-202309-06" ,
"url" : "https://security.gentoo.org/glsa/202309-06"
2022-03-16 15:02:12 +00:00
}
]
2020-09-16 20:01:46 +00:00
} ,
"description" : {
"description_data" : [
{
"lang" : "eng" ,
2022-03-16 15:02:12 +00:00
"value" : "Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). Samba as an AD DC now provides a way for Linux applications to obtain a reliable SID (and samAccountName) in issued tickets."
2020-09-16 20:01:46 +00:00
}
]
}
}
