Home CVE Database CVE-2018-1057

CVE-2018-1057

Description

On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users\' passwords, including administrative users and privileged service accounts (eg Domain Controllers).

Priority: MEDIUM
CVSS v3: 8.8
Publish Date: Mar 13, 2018
Related ID: --
CVSS v2: HIGH
Modified Date: Mar 13, 2018

Find out more about CVE-2018-1057 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

samba

Live chat
Online