CVE-2020-25721

Published: Mar 16, 2022

Modified: Aug 4, 2024

PUBLISHED

Description

Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). Samba as an AD DC now provides a way for Linux applications to obtain a reliable SID (and samAccountName) in issued tickets.

Vendor	Product	Versions
n/a	samba	affected `Affected - All versions since Samba 4.0.0, Fixed-In - v4.15.2, v4.14.10 and v4.13.14`

Weaknesses (CWE)

CWE-20

References

https://www.samba.org/samba/security/CVE-2020-25721.html

https://bugzilla.samba.org/show_bug.cgi?id=14725

https://bugzilla.redhat.com/show_bug.cgi?id=2021728

GLSA-202309-06

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-25721

Description

Affected Products

Weaknesses (CWE)

References