Public on 2023-05-16
Modified on 2024-01-30
A user with sufficient privileges to create a computer account, such as a user granted CreateChild permissions for computer objects, may potentially set arbitrary values on security-sensitive attributes of specific objects stored in Active Directory (AD).
Important severity
CVSS v3 Base Score
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 1 samba Not Affected
Amazon Linux 2 - Core samba Not Affected
Amazon Linux 2023 samba 2023-05-25 ALAS2023-2023-190 Fixed
Amazon Linux 2023 samba 2023-06-05 ALAS2023-2023-206 Fixed

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 7.5 CVSS3.1:/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H