CVE-2019-14902

There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

History

29 May 2021, 13:15

Type Values Removed Values Added
References
  • (MLIST) https://lists.debian.org/debian-lts-announce/2021/05/msg00023.html -

Information

Published : 2020-01-21 18:15

Updated : 2024-02-04 20:39


NVD link : CVE-2019-14902

Mitre link : CVE-2019-14902

CVE.ORG link : CVE-2019-14902


JSON object : View

Products Affected

debian

  • debian_linux

samba

  • samba

canonical

  • ubuntu_linux

opensuse

  • leap
CWE
NVD-CWE-noinfo CWE-284

Improper Access Control