CVE-2020-14318

A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker.

Published: Dec 3, 2020
Updated: Apr 13, 2023
CVE: CVE-2020-14318
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.3
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

CWE-266

Affected Software
References

Software	From	Fixed in
samba / samba	4.12.0	4.12.9
samba / samba	4.13.0	4.13.1
samba / samba	3.6.0	4.11.15
redhat / enterprise_linux	7.0	7.0.x
redhat / enterprise_linux	8.0	8.0.x
redhat / storage	3.0	3.0.x

https://bugzilla.redhat.com/show_bug.cgi?id=1892631
https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html
https://security.gentoo.org/glsa/202012-24
https://www.samba.org/samba/security/CVE-2020-14318.html

Vulnerability Database

289,599

CVE-2020-14318