CVE-2020-14383 : A flaw was found in samba's DNS server. An authenticated user could use this fla

A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, which also serves protocols other than dnsserver, will be restarted after a short delay, but it is easy for an authenticated non administrative attacker to crash it again as soon as it returns. The Samba DNS server itself will continue to operate, but many RPC services will not.

Published 2020-12-02 01:15:12

Updated 2024-04-22 16:15:12

Source Red Hat, Inc.

View at NVD, CVE.org

Products affected by CVE-2020-14383

Redhat » Enterprise Linux » Version: 8.0
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
Matching versions
Samba » Samba
Versions from including (>=) 4.12.0 and before (<) 4.12.9
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
Matching versions
Samba » Samba
Versions from including (>=) 4.13.0 and before (<) 4.13.1
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
Matching versions
Samba » Samba
Versions from including (>=) 4.0.0 and before (<) 4.11.15
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2020-14383

Top countries where our scanners detected CVE-2020-14383

Top open port discovered on systems with this issue 445

IPs affected by CVE-2020-14383 234,987

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2020-14383!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2020-14383

EPSS FAQ

0.30%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 50 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2020-14383

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.0	MEDIUM	AV:N/AC:L/Au:S/C:N/I:N/A:P	8.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: Single Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial
6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H	2.8	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2020-14383

CWE-391 Unchecked Error Condition

[PLANNED FOR DEPRECATION. SEE MAINTENANCE NOTES AND CONSIDER CWE-252, CWE-248, OR CWE-1069.] Ignoring exceptions and other error conditions may allow an attacker to induce unexpected behavior unnoticed.

Assigned by: secalert@redhat.com (Secondary)

References for CVE-2020-14383

https://bugzilla.redhat.com/show_bug.cgi?id=1892636

1892636 – (CVE-2020-14383) CVE-2020-14383 samba: An authenticated user can crash the DCE/RPC DNS with easily crafted records
Issue Tracking;Patch;Third Party Advisory
https://www.samba.org/samba/security/CVE-2020-14383.html

Vendor Advisory
https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html

[SECURITY] [DLA 3792-1] samba security update

CVEs referencing this url
https://security.gentoo.org/glsa/202012-24

Samba: Multiple vulnerabilities (GLSA 202012-24) — Gentoo security
Third Party Advisory

CVEs referencing this url