QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2021-44141

Back to search

CVE-2021-44141

Published: Feb 21, 2022

Modified: Aug 4, 2024

PUBLISHED

Description

All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.

VendorProductVersions

n/a

Samba

affected
All versions of Samba prior to 4.15.5

Weaknesses (CWE)

CWE-200

References

GLSA-202309-06
vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now
CVE-2021-44141 - Security Vulnerability | QwikSec