Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2023-4154

Publication date 10 October 2023

Last updated 24 July 2024


Ubuntu priority

Cvss 3 Severity Score

6.5 · Medium

Score breakdown

A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers (RODCs). This flaw allows RODCs and users possessing the GET_CHANGES right to access all attributes, including sensitive secrets and passwords. Even in a default setup, RODC DC accounts, which should only replicate some passwords, can gain access to all domain secrets, including the vital krbtgt, effectively eliminating the RODC / DC distinction. Furthermore, the vulnerability fails to account for error conditions (fail open), like out-of-memory situations, potentially granting access to secret attributes, even under low-privileged attacker influence.

Status

Package Ubuntu Release Status
samba 24.10 oracular
Fixed 2:4.18.6+dfsg-1ubuntu2.1
24.04 LTS noble
Fixed 2:4.18.6+dfsg-1ubuntu2.1
23.10 mantic
Fixed 2:4.18.6+dfsg-1ubuntu2.1
23.04 lunar
Fixed 2:4.17.7+dfsg-1ubuntu2.3
22.04 LTS jammy
Fixed 2:4.15.13+dfsg-0ubuntu1.5
20.04 LTS focal
Fixed 2:4.15.13+dfsg-0ubuntu0.20.04.6
18.04 LTS bionic
Needs evaluation
16.04 LTS xenial
Needs evaluation
14.04 LTS trusty
Needs evaluation

Severity score breakdown

Parameter Value
Base score 6.5 · Medium
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Scope Unchanged
Confidentiality High
Integrity impact None
Availability impact None
Vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References

Related Ubuntu Security Notices (USN)

Other references