Vulnerability Details : CVE-2021-20254
A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache. This could cause the calling code to return those values into the process token that stores the group membership for a user. The highest threat from this vulnerability is to data confidentiality and integrity.
Threat overview for CVE-2021-20254
Top countries where our scanners detected CVE-2021-20254
Top open port discovered on systems with this issue
80
IPs affected by CVE-2021-20254 254,368
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2021-20254!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2021-20254
0.42%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 71 %
Percentile, the proportion of vulnerabilities that are scored at or less