CVE-2017-2619

High

Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the…

redhat·CWE-362·Published 2018-03-12

CVSS

7.5

EPSS

0.11

KEV

Exploits

cve.orgen

195 chars

Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.

NVDen

195 chars

Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.

NVDes

242 chars

Samba, en versiones anteriores a 4.6.1, 4.5.7 y 4.4.11, es vulnerable a un cliente malicioso que emplee una carrera symlink para permitir el acceso a áreas del sistema de archivos del servidor que no se exportan bajo la definición compartida.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.0	6.8	6.4	AV:N/AC:M/Au:S/C:P/I:P/A:P
3.1	Primary	NVD	7.5	1.6	5.9	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H