2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2016-2124" ,
"sourceIdentifier" : "secalert@redhat.com" ,
"published" : "2022-02-18T18:15:08.237" ,
2024-12-08 03:06:42 +00:00
"lastModified" : "2024-11-21T02:47:52.757" ,
2023-09-14 18:00:29 +00:00
"vulnStatus" : "Modified" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required."
} ,
{
"lang" : "es" ,
"value" : "Se ha encontrado un fallo en la forma en que Samba implementa la autenticaci\u00f3n SMB1. Un atacante podr\u00eda usar este fallo para recuperar la contrase\u00f1a en texto plano enviada a trav\u00e9s del cable, incluso si es requerida la autenticaci\u00f3n Kerberos"
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 5.9 ,
"baseSeverity" : "MEDIUM" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "HIGH" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "NONE" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 2.2 ,
"impactScore" : 3.6
}
] ,
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 4.3 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "MEDIUM" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "PARTIAL" ,
"integrityImpact" : "NONE" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 8.6 ,
"impactScore" : 2.9 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
2024-12-08 03:06:42 +00:00
"source" : "secalert@redhat.com" ,
"type" : "Secondary" ,
2023-04-24 12:24:31 +02:00
"description" : [
{
"lang" : "en" ,
"value" : "CWE-287"
}
]
} ,
{
2024-12-08 03:06:42 +00:00
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
2023-04-24 12:24:31 +02:00
"description" : [
{
"lang" : "en" ,
"value" : "CWE-287"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "3.0.0" ,
"versionEndExcluding" : "4.13.14" ,
"matchCriteriaId" : "BA32EB89-D016-4181-94A6-66872DF23385"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.14.0" ,
"versionEndExcluding" : "4.14.10" ,
"matchCriteriaId" : "E2BD5F53-14DC-4BBF-8E5D-A1DBD24B5F02"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.15.0" ,
"versionEndExcluding" : "4.15.2" ,
"matchCriteriaId" : "8F33C9B3-33EE-431B-93CF-B738D05BBD0A"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "DEECE5FC-CACF-4496-A3E7-164736409252"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E460AA51-FCDA-46B9-AE97-E6676AA5E194"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A930E247-0B43-43CB-98FF-6CE7B8189835"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "80E516C0-98A4-4ADE-B69F-66A772E2BAAA"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:redhat:codeready_linux_builder:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1CD81C46-328B-412D-AF4E-68A2AD2F1A73"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:redhat:gluster_storage:3.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F1986832-44C9-491E-A75D-AAD8FAE683E6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:redhat:gluster_storage:3.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "135265D8-583D-41EB-B741-419FC871CE91"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "704CFA1A-953E-4105-BFBE-406034B83DED"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:redhat:openstack:16.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C9D3F4FF-AD3D-4D17-93E8-84CAFCED2F59"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:redhat:openstack:16.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "307846C3-F2B3-4E0D-AA31-BCC1444589F8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BB28F9AF-3D06-4532-B397-96D7E4792503"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F4CFF558-3C47-480D-A2F0-BABF26042943"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "33C068A4-3780-4EAB-A937-6082DF847564"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "831F0F47-3565-4763-B16F-C87B1FF2035E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0E3F09B5-569F-4C58-9FCA-3C0953D107B5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "566507B6-AC95-47F7-A3FB-C6F414E45F51"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "87C21FE1-EA5C-498F-9C6C-D05F91A88217"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0AB105EC-19F9-424A-86F1-305A6FD74A9C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8C9BD9AE-46FC-4609-8D99-A3CFE91D58D1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1CDCFF34-6F1D-45A1-BE37-6A0E17B04801"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B4A684C7-88FD-43C4-9BDB-AE337FCBD0AB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "47811209-5CE5-4375-8391-B0A7F6A0E420"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E5C80DB2-4A78-4EC9-B2A8-1E4D902C4834"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "983533DD-3970-4A37-9A9C-582BD48AA1E5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "37CE1DC7-72C5-483C-8921-0B462C8284D1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_resilient_storage:7.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F66BE726-A258-42D7-B23A-925F50FDF449"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "51EF4996-72F4-4FA4-814F-F5991E7A8318"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6897676D-53F9-45B3-B27F-7FF9A4C58D33"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E28F226A-CBC7-4A32-BE58-398FA5B42481"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "AC10D919-57FD-4725-B8D2-39ECB476902F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3921C1CF-A16D-4727-99AD-03EFFA7C91CA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BC6DD887-9744-43EA-8B3C-44C6B6339590"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_tus:8.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9C24797C-0397-4D4F-ADC3-3B99095DBB35"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "825ECE2D-E232-46E0-A047-074B34DB1E97"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" ,
"matchCriteriaId" : "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*" ,
"matchCriteriaId" : "902B8056-9E37-443B-8905-8AA93E2447FB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:canonical:ubuntu_linux:21.04:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8EF1C1CC-3FAE-4DE3-BC41-E5B14D5721F4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "AAE4D2D0-CEEB-416F-8BC5-A7987DF56190"
}
]
}
]
}
] ,
"references" : [
{
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2019660" ,
"source" : "secalert@redhat.com" ,
"tags" : [
"Issue Tracking" ,
"Patch" ,
"Third Party Advisory"
]
} ,
2023-09-14 18:00:29 +00:00
{
"url" : "https://lists.debian.org/debian-lts-announce/2023/09/msg00013.html" ,
"source" : "secalert@redhat.com"
} ,
2023-09-17 10:00:28 +00:00
{
"url" : "https://security.gentoo.org/glsa/202309-06" ,
"source" : "secalert@redhat.com"
} ,
2023-04-24 12:24:31 +02:00
{
"url" : "https://www.samba.org/samba/security/CVE-2016-2124.html" ,
"source" : "secalert@redhat.com" ,
"tags" : [
"Mitigation" ,
"Vendor Advisory"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2019660" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Issue Tracking" ,
"Patch" ,
"Third Party Advisory"
]
} ,
{
"url" : "https://lists.debian.org/debian-lts-announce/2023/09/msg00013.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "https://security.gentoo.org/glsa/202309-06" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "https://www.samba.org/samba/security/CVE-2016-2124.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Mitigation" ,
"Vendor Advisory"
]
2023-04-24 12:24:31 +02:00
}
]
}
