CVE-2020-25721

Summary

Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). Samba as an AD DC now provides a way for Linux applications to obtain a reliable SID (and samAccountName) in issued tickets.

Affected Software

VendorProductVersion RangeStatus
n/asambaAffected - All versions since Samba 4.0.0, Fixed-In - v4.15.2, v4.14.10 and v4.13.14affected

Weaknesses

  • CWE-20: CWE-20 (Improper Input validation)

ADP Enrichment

CVE Program Container

Additional References

References