CVE-2023-0614

The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:4.18.0:-:*:*:*:*:*:*
cpe:2.3:a:samba:samba:4.18.0:rc1:*:*:*:*:*:*
cpe:2.3:a:samba:samba:4.18.0:rc2:*:*:*:*:*:*
cpe:2.3:a:samba:samba:4.18.0:rc3:*:*:*:*:*:*
cpe:2.3:a:samba:samba:4.18.0:rc4:*:*:*:*:*:*

History

15 May 2023, 18:44

Type Values Removed Values Added
CPE cpe:2.3:a:samba:samba:4.18.0:rc4:*:*:*:*:*:*
cpe:2.3:a:samba:samba:4.18.0:rc2:*:*:*:*:*:*
cpe:2.3:a:samba:samba:4.18.0:-:*:*:*:*:*:*
cpe:2.3:a:samba:samba:4.18.0:rc1:*:*:*:*:*:*
cpe:2.3:a:samba:samba:4.18.0:rc3:*:*:*:*:*:*
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YXBPYIA4VWNOD437NAHZ3NXKAETLFB5S/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YXBPYIA4VWNOD437NAHZ3NXKAETLFB5S/ - Third Party Advisory

16 Apr 2023, 04:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-04-03 23:15

Updated : 2024-02-04 23:37


NVD link : CVE-2023-0614

Mitre link : CVE-2023-0614

CVE.ORG link : CVE-2023-0614


JSON object : View

Products Affected

samba

  • samba
CWE
CWE-312

Cleartext Storage of Sensitive Information

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor