CVE-2021-45100 : The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, some

The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes communicates in cleartext even though encryption has been enabled. This occurs because it sets the SMB2_GLOBAL_CAP_ENCRYPTION flag when using the SMB 3.1.1 protocol, which is a violation of the SMB protocol specification. When Windows 10 detects this protocol violation, it disables encryption.

Published 2021-12-16 05:15:09

Updated 2022-03-29 16:28:45

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2021-45100

Netapp » H410c Firmware » Version: N/A
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H410c » Version: N/A
Netapp » H300s Firmware » Version: N/A
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H300s » Version: N/A
Netapp » H500s Firmware » Version: N/A
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H500s » Version: N/A
Netapp » H700s Firmware » Version: N/A
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H700s » Version: N/A
Netapp » H300e Firmware » Version: N/A
cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H300e » Version: N/A
Netapp » H500e Firmware » Version: N/A
cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H500e » Version: N/A
Netapp » H700e Firmware » Version: N/A
cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H700e » Version: N/A
Netapp » H410s Firmware » Version: N/A
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H410s » Version: N/A
Ksmbd Project » Ksmbd
Versions up to, including, (<=) 3.4.2
cpe:2.3:a:ksmbd_project:ksmbd:*:*:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel

Exploit prediction scoring system (EPSS) score for CVE-2021-45100

EPSS FAQ

0.15%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 37 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-45100

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	3.9	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None

CWE ids for CVE-2021-45100

CWE-319 Cleartext Transmission of Sensitive Information

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2021-45100

https://github.com/cifsd-team/ksmbd/pull/551

Do not set SMB2_GLOBAL_CAP_ENCRYPTION for SMB 3.1.1. Fixes #550 by socram8888 · Pull Request #551 · cifsd-team/ksmbd · GitHub
Patch;Third Party Advisory
https://security.netapp.com/advisory/ntap-20220107-0001/

CVE-2021-45100 Linux Kernel Vulnerability in NetApp Products | NetApp Product Security
Third Party Advisory
https://github.com/cifsd-team/ksmbd/issues/550

Plaintext connection despite encryption enabled · Issue #550 · cifsd-team/ksmbd · GitHub
Third Party Advisory
https://marc.info/?l=linux-kernel&m=163961726017023&w=2

'Re: [PATCH] ksmbd: disable SMB2_GLOBAL_CAP_ENCRYPTION for SMB 3.1.1' - MARC
Third Party Advisory

Jump to

Vulnerability Details : CVE-2021-45100

Products affected by CVE-2021-45100

Exploit prediction scoring system (EPSS) score for CVE-2021-45100

CVSS scores for CVE-2021-45100

CWE ids for CVE-2021-45100

References for CVE-2021-45100