CVE-2019-10197
Public on 2019-09-03
Modified on 2020-08-31
Description
A flaw was found in samba when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside of the share.
Severity
CVSS v3 Base Score
See breakdown
Affected Packages
Platform | Package | Release Date | Advisory | Status |
---|---|---|---|---|
Amazon Linux 1 | samba | 2020-08-26 | ALAS-2020-1424 | Fixed |
Amazon Linux 2 - Core | samba | 2020-07-14 | ALAS2-2020-1459 | Fixed |
CVSS Scores
Score Type | Score | Vector | |
---|---|---|---|
Amazon Linux | CVSSv3 | 6.5 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
NVD | CVSSv3 | 9.1 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
NVD | CVSSv2 | 6.4 | AV:N/AC:L/Au:N/C:P/I:P/A:N |