CVE-2020-25717 : A flaw was found in the way Samba maps domain users to local users. An authentic

A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.

Published 2022-02-18 18:15:08

Updated 2023-09-17 09:15:09

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: Input validationGain privilege

Products affected by CVE-2020-25717

Debian » Debian Linux » Version: 9.0
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Matching versions
Debian » Debian Linux » Version: 10.0
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux » Version: 7.0
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux » Version: 8.0
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Desktop » Version: 7.0
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Eus » Version: 8.2
cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Eus » Version: 8.4
cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server » Version: 7.0
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Workstation » Version: 7.0
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Aus » Version: 8.2
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Aus » Version: 8.4
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*
Matching versions
Redhat » Openstack » Version: 16.1
cpe:2.3:a:redhat:openstack:16.1:*:*:*:*:*:*:*
Matching versions
Redhat » Openstack » Version: 13
cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
Matching versions
Redhat » Openstack » Version: 16.2
cpe:2.3:a:redhat:openstack:16.2:*:*:*:*:*:*:*
Matching versions
Redhat » Gluster Storage » Version: 3.0
cpe:2.3:a:redhat:gluster_storage:3.0:*:*:*:*:*:*:*
Matching versions
Redhat » Gluster Storage » Version: 3.5
cpe:2.3:a:redhat:gluster_storage:3.5:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Scientific Computing » Version: 7.0
cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Power Little Endian Eus » Version: 8.2
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Power Little Endian Eus » Version: 8.4
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Power Little Endian » Version: 7.0
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Power Little Endian » Version: 8.0
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Power Big Endian » Version: 7.0
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Ibm Z Systems Eus » Version: 8.2
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Ibm Z Systems Eus » Version: 8.4
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Ibm Z Systems » Version: 7.0
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Ibm Z Systems » Version: 8.0
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Resilient Storage » Version: 7.0
cpe:2.3:o:redhat:enterprise_linux_resilient_storage:7.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Tus » Version: 8.4
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Tus » Version: 8.2
cpe:2.3:o:redhat:enterprise_linux_tus:8.2:*:*:*:*:*:*:*
Matching versions
Redhat » Virtualization » Version: 4.0
cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*
Matching versions
Redhat » Virtualization Host » Version: 4.0
cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Update Services For Sap Solutions » Version: 8.2
cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Update Services For Sap Solutions » Version: 8.4
cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*
Matching versions
Redhat » Codeready Linux Builder » Version: N/A
cpe:2.3:a:redhat:codeready_linux_builder:-:*:*:*:*:*:*:*
Matching versions
Samba » Samba
Versions from including (>=) 3.0.0 and before (<) 4.13.14
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
Matching versions
Samba » Samba
Versions from including (>=) 4.15.0 and before (<) 4.15.2
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
Matching versions
Samba » Samba
Versions from including (>=) 4.14.0 and before (<) 4.14.10
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 18.04 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 20.04 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 21.04
cpe:2.3:o:canonical:ubuntu_linux:21.04:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 21.10
cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 33
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 34
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 35
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2020-25717

Top countries where our scanners detected CVE-2020-25717

Top open port discovered on systems with this issue 80

IPs affected by CVE-2020-25717 908,288

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2020-25717!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2020-25717

EPSS FAQ

0.15%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 32 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2020-25717

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
8.5	HIGH	AV:N/AC:L/Au:S/C:C/I:C/A:N	8.0	9.2	NIST
Access Vector: Network Access Complexity: Low Authentication: Single Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: None
8.1	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N	2.8	5.2	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: None

CWE ids for CVE-2020-25717

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Assigned by:
- nvd@nist.gov (Primary)
- secalert@redhat.com (Secondary)

References for CVE-2020-25717

https://www.samba.org/samba/security/CVE-2020-25717.html

Mitigation;Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2019672

2019672 – (CVE-2020-25717) CVE-2020-25717 samba: A user in an AD Domain could become root on domain members
Issue Tracking;Patch;Third Party Advisory
https://security.gentoo.org/glsa/202309-06

Samba: Multiple Vulnerabilities (GLSA 202309-06) — Gentoo security

CVEs referencing this url