CVE-2020-25720

EUVD-2020-18374
A vulnerability was found in Samba where a delegated administrator with permission to create objects in Active Directory can write to all attributes of the newly created object, including security-sensitive attributes, even after the object's creation. This issue occurs because the administrator owns the object due to the lack of an Access Control List (ACL) at the time of creation and later being recognized as the 'creator owner.' The retained significant rights of the delegated administrator may not be well understood, potentially leading to unintended privilege escalation or security risks.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
HIGH
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 38%
Debian logo
Debian Releases
Debian Product
Codename
samba
bookworm
2:4.17.12+dfsg-0+deb12u1
fixed
bookworm (security)
2:4.17.12+dfsg-0+deb12u1
fixed
bullseye
ignored
bullseye (security)
vulnerable
buster
ignored
sid
2:4.21.1+dfsg-2
fixed
trixie
2:4.21.1+dfsg-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
samba
bionic
deferred
focal
deferred
jammy
deferred
kinetic
ignored
lunar
ignored
mantic
ignored
noble
deferred
trusty
deferred
xenial
deferred
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
libnetapi
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
libnetapi-debuginfo
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
libnetapi-devel
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
libsmbclient
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
libsmbclient-debuginfo
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
libsmbclient-devel
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
libwbclient
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
libwbclient-debuginfo
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
libwbclient-devel
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
python3-samba
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
python3-samba-dc
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
python3-samba-dc-debuginfo
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
python3-samba-debuginfo
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
python3-samba-devel
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
python3-samba-test
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-client
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-client-debuginfo
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-client-libs
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-client-libs-debuginfo
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-common
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-common-libs
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-common-libs-debuginfo
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-common-tools
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-common-tools-debuginfo
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-dc-libs
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-dc-libs-debuginfo
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-dcerpc
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-dcerpc-debuginfo
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-debuginfo
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-debugsource
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-devel
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-krb5-printing
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-krb5-printing-debuginfo
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-ldb-ldap-modules
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-ldb-ldap-modules-debuginfo
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-libs
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-libs-debuginfo
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-pidl
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-test
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-test-debuginfo
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-test-libs
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-test-libs-debuginfo
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-tools
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-usershares
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-vfs-iouring
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-vfs-iouring-debuginfo
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-winbind
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-winbind-clients
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-winbind-clients-debuginfo
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-winbind-debuginfo
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-winbind-krb5-locator
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-winbind-krb5-locator-debuginfo
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-winbind-modules
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed
samba-winbind-modules-debuginfo
Amazon Linux 2023
2:4.17.8-0.amzn2023.0.2
fixed