CVE-2018-10919

Summary

The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.

Affected Software

VendorProductVersion RangeStatus
The Samba Teamsamba4.6.16affected
The Samba Teamsamba4.7.9affected
The Samba Teamsamba4.8.4affected

Weaknesses

  • CWE-203: CWE-203

ADP Enrichment

CVE Program Container

Additional References

References