CVE-2019-3870

{"id": "CVE-2019-3870", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "secalert@redhat.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 4.2, "exploitabilityScore": 1.8}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 4.2, "exploitabilityScore": 1.8}]}, "published": "2019-04-09T16:29:01.867", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3870", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.samba.org/show_bug.cgi?id=13834", "tags": ["Exploit", "Issue Tracking", "Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6354GALK73CZWQKFUG7AWB6EIEGFMF62/", "source": "secalert@redhat.com"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JTJVFA3RZ6G2IZDTVKLHRMX6QBYA4GPA/", "source": "secalert@redhat.com"}, {"url": "https://support.f5.com/csp/article/K20804356", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.samba.org/samba/security/CVE-2019-3870.html", "tags": ["Mitigation", "Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.synology.com/security/advisory/Synology_SA_19_15", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-276"}]}, {"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-276"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner (root) only access. However in some upgraded installations it will have other permissions, such as 0755, because this was the default before Samba 4.8. Within this directory, files are created with mode 0666, which is world-writable, including a sample krb5.conf, and the list of DNS names and servicePrincipalName values to update."}, {"lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad en Samba desde la versi\u00f3n 4.9 (incluida) hasta las versiones anteriores a la 4.9.6 y 4.10.2. Durante la creaci\u00f3n de un nuevo Samba AD DC, los archivos se crean en un subdirectorio privado de la ubicaci\u00f3n de instalaci\u00f3n. Este directorio es t\u00edpicamente el modo 0700, es decir, acceso s\u00f3lo para administradores (root). Sin embargo, en algunas instalaciones actualizadas tendr\u00e1 otros permisos, como el 0755, ya que \u00e9ste era el predeterminado en versiones de Samba anteriores a la 4.8. Dentro de este directorio, los archivos se crean con el modo 0666, en el que cualquiera puede escribir, incluyendo un ejemplo de krb5.conf, y la lista de nombres DNS y valores de servicePrincipalName para actualizar."}], "lastModified": "2023-11-07T03:10:15.880", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB5809AF-3124-4475-A102-896C8909149C", "versionEndExcluding": "4.9.6", "versionStartIncluding": "4.9.0"}, {"criteria": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08F84037-A781-469C-B023-952B56E0C26E", "versionEndExcluding": "4.10.2", "versionStartIncluding": "4.10.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:synology:directory_server:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83512426-0B96-43E2-AFBA-592B25E61676"}, {"criteria": "cpe:2.3:a:synology:diskstation_manager:5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "416E0865-B437-493B-AE38-C24B6037B78E"}, {"criteria": "cpe:2.3:a:synology:diskstation_manager:6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "752FBED9-088B-495C-ACF2-F281C0A8F807"}, {"criteria": "cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "022A0BC6-2C70-406D-8D60-EC6F9F6A90CA"}, {"criteria": "cpe:2.3:a:synology:router_manager:1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85F6D2BF-23EA-4D44-8126-64EA85184D38"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:synology:skynas_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "53EF087B-D7E9-4F9A-803A-B0260C495C67"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:synology:skynas:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D0A88A76-CF8A-4D29-B480-E5317219072D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:synology:vs960hd_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F300E1F1-D61A-46A6-8A9E-F3270CFA77F6", "versionEndExcluding": "2.3.6-1720"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1CCBDFF9-AF42-4681-879B-CF789EBAD130"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "secalert@redhat.com"}