CVE-2011-2522 : Multiple cross-site request forgery (CSRF) vulnerabilities in the Samba Web Admi

Multiple cross-site request forgery (CSRF) vulnerabilities in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allow remote attackers to hijack the authentication of administrators for requests that (1) shut down daemons, (2) start daemons, (3) add shares, (4) remove shares, (5) add printers, (6) remove printers, (7) add user accounts, or (8) remove user accounts, as demonstrated by certain start, stop, and restart parameters to the status program.

Published 2011-07-29 20:55:02

Updated 2025-04-11 00:51:22

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: Cross-site request forgery (CSRF)

Products affected by CVE-2011-2522

Debian » Debian Linux » Version: 6.0
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
Matching versions
Debian » Debian Linux » Version: 7.0
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
Matching versions
Debian » Debian Linux » Version: 5.0
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
Matching versions
Samba » Samba
Versions from including (>=) 3.0.0 and before (<) 3.3.16
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
Matching versions
Samba » Samba
Versions from including (>=) 3.4.0 and before (<) 3.4.14
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
Matching versions
Samba » Samba
Versions from including (>=) 3.5.0 and before (<) 3.5.10
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 8.04
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 10.10
cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 10.04
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 11.04
cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2011-2522

Top countries where our scanners detected CVE-2011-2522

Top open port discovered on systems with this issue 8200

IPs affected by CVE-2011-2522 250

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2011-2522!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2011-2522

EPSS FAQ

21.93%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 95 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2011-2522

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

CWE ids for CVE-2011-2522

CWE-352 Cross-Site Request Forgery (CSRF)

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2011-2522

http://secunia.com/advisories/45488

Sign in
Third Party Advisory

CVEs referencing this url
https://bugzilla.redhat.com/show_bug.cgi?id=721348

721348 – (CVE-2011-2522) CVE-2011-2522 samba (SWAT): Absent CSRF protection in various Samba web configuration formulars
Issue Tracking;Patch;Third Party Advisory
http://osvdb.org/74071

Broken Link
http://ubuntu.com/usn/usn-1182-1

USN-1182-1: Samba vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/68843

Samba SWAT cross-site request forgery CVE-2011-2522 Vulnerability Report
Third Party Advisory;VDB Entry
http://www.mandriva.com/security/advisories?name=MDVSA-2011:121

mandriva.com
Broken Link

CVEs referencing this url
http://marc.info/?l=bugtraq&m=133527864025056&w=2

'[security bulletin] HPSBUX02768 SSRT100664 rev.1 - CIFS Server (Samba), Remote Cross Site Request Fo' - MARC
Mailing List;Third Party Advisory
http://secunia.com/advisories/45496

Sign in
Third Party Advisory

CVEs referencing this url
http://securitytracker.com/id?1025852

Samba Web Administration Tool (SWAT) Input Validation Flaws Permit Cross-Site Request Forgery and Cross-Site Scripting Attacks - SecurityTracker
Third Party Advisory;VDB Entry

CVEs referencing this url
http://jvn.jp/en/jp/JVN29529126/index.html

JVN#29529126: Samba Web Administration Tool vulnerable to cross-site request forgery
Third Party Advisory
http://samba.org/samba/history/samba-3.5.10.html

Vendor Advisory

CVEs referencing this url
http://securityreason.com/securityalert/8317

Samba Web Administration Tool Cross-Site Request Forgery +PoC - CXSecurity.com
Third Party Advisory
https://bugzilla.samba.org/show_bug.cgi?id=8290

Issue Tracking;Patch;Third Party Advisory
http://www.samba.org/samba/security/CVE-2011-2522

Vendor Advisory
http://www.debian.org/security/2011/dsa-2290

Debian -- Security Information -- DSA-2290-1 samba
Third Party Advisory

CVEs referencing this url
http://secunia.com/advisories/45393

Sign in
Third Party Advisory

CVEs referencing this url
http://www.exploit-db.com/exploits/17577

SWAT Samba Web Administration Tool - Cross-Site Request Forgery - CGI webapps Exploit
Exploit;Third Party Advisory;VDB Entry
http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c03008543

Broken Link

CVEs referencing this url
http://www.securityfocus.com/bid/48899

Samba SWAT Cross Site Request Forgery Vulnerability
Third Party Advisory;VDB Entry