CVE-2023-0614 : The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attrib

The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC.

Published 2023-04-03 23:15:07

Updated 2025-02-13 15:15:13

Source Red Hat, Inc.

View at NVD, CVE.org

Products affected by CVE-2023-0614

Samba » Samba
Versions from including (>=) 4.17.0 and before (<) 4.17.7
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
Matching versions
Samba » Samba
Versions from including (>=) 4.0.0 and before (<) 4.16.10
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
Matching versions
Samba » Samba » Version: 4.18.0
cpe:2.3:a:samba:samba:4.18.0:-:*:*:*:*:*:*
Matching versions
Samba » Samba » Version: 4.18.0 Update RC1
cpe:2.3:a:samba:samba:4.18.0:rc1:*:*:*:*:*:*
Matching versions
Samba » Samba » Version: 4.18.0 Update RC3
cpe:2.3:a:samba:samba:4.18.0:rc3:*:*:*:*:*:*
Matching versions
Samba » Samba » Version: 4.18.0 Update RC4
cpe:2.3:a:samba:samba:4.18.0:rc4:*:*:*:*:*:*
Matching versions
Samba » Samba » Version: 4.18.0 Update RC2
cpe:2.3:a:samba:samba:4.18.0:rc2:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2023-0614

Top countries where our scanners detected CVE-2023-0614

Top open port discovered on systems with this issue 445

IPs affected by CVE-2023-0614 158,654

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2023-0614!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2023-0614

EPSS FAQ

0.18%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 36 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-0614

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.7	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N	3.1	4.0	134c704f-9b21-4f2e-91b3-4a467353bcc0	2025-02-13
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Changed Confidentiality: High Integrity: None Availability: None
6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N	2.8	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None

CWE ids for CVE-2023-0614

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Assigned by: secalert@redhat.com (Secondary)
CWE-312 Cleartext Storage of Sensitive Information

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2023-0614

https://www.samba.org/samba/security/CVE-2023-0614.html

Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YXBPYIA4VWNOD437NAHZ3NXKAETLFB5S/

[SECURITY] Fedora 36 Update: samba-4.16.10-0.fc36 - package-announce - Fedora mailing-lists

CVEs referencing this url
https://security.netapp.com/advisory/ntap-20230406-0007/

March 2023 Samba Vulnerabilities in NetApp Products | NetApp Product Security
Third Party Advisory

CVEs referencing this url
https://security.gentoo.org/glsa/202309-06

Samba: Multiple Vulnerabilities (GLSA 202309-06) — Gentoo security

CVEs referencing this url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YXBPYIA4VWNOD437NAHZ3NXKAETLFB5S/

[SECURITY] Fedora 36 Update: samba-4.16.10-0.fc36 - package-announce - Fedora Mailing-Lists
Third Party Advisory

CVEs referencing this url