CVE-2018-14628 - OpenCVE

An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Fedoraproject	Fedora
Samba	Samba

Configuration 1 [-]

cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.openwall.com/lists/oss-security/2023/11/28/4
https://bugzilla.redhat.com/show_bug.cgi?id=1625445
https://bugzilla.samba.org/show_bug.cgi?id=13595
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DK57HQRTCDOZDIIICYWQ4Z5IQXTWVVW/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVMYEP5KJRL3FWSCZW2MQZ26IVPXY62/
https://nvd.nist.gov/vuln/detail/CVE-2018-14628
https://www.cve.org/CVERecord?id=CVE-2018-14628

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2023-01-17T00:00:00

Updated: 2024-08-05T09:29:51.760Z

Reserved: 2018-07-27T00:00:00

Link: CVE-2018-14628

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-01-17T18:15:10.810

Modified: 2023-12-04T03:15:07.080

Link: CVE-2018-14628

Redhat

Severity : Moderate

Publid Date: 2022-04-13T00:00:00Z

Links: CVE-2018-14628 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2018-14628", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "dateUpdated": "2024-08-05T09:29:51.760Z", "dateReserved": "2018-07-27T00:00:00", "datePublished": "2023-01-17T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2023-01-17T00:00:00"}, "descriptions": [{"lang": "en", "value": "An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store."}], "affected": [{"vendor": "n/a", "product": "Samba", "versions": [{"version": "All versions from 4.0.0 onwards", "status": "affected"}]}], "references": [{"url": "https://bugzilla.samba.org/show_bug.cgi?id=13595"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1625445"}, {"url": "http://www.openwall.com/lists/oss-security/2023/11/28/4"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DK57HQRTCDOZDIIICYWQ4Z5IQXTWVVW/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVMYEP5KJRL3FWSCZW2MQZ26IVPXY62/"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-862", "cweId": "CWE-862"}]}]}, "adp": [{"title": "CVE Program Container", "references": [{"url": "https://security.netapp.com/advisory/ntap-20230223-0008/"}, {"url": "https://bugzilla.samba.org/show_bug.cgi?id=13595", "tags": ["x_transferred"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1625445", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/11/28/4", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DK57HQRTCDOZDIIICYWQ4Z5IQXTWVVW/", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVMYEP5KJRL3FWSCZW2MQZ26IVPXY62/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T09:29:51.760Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE6906E8-E743-4350-845A-CEBC5C9B3488", "versionStartIncluding": "4.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store."}, {"lang": "es", "value": "Se descubri\u00f3 una vulnerabilidad de fuga de informaci\u00f3n en el servidor LDAP de Samba. Debido a la falta de comprobaciones de control de acceso, un atacante autenticado pero sin privilegios podr\u00eda descubrir los nombres y atributos conservados de los objetos eliminados en el almac\u00e9n LDAP."}], "id": "CVE-2018-14628", "lastModified": "2023-12-04T03:15:07.080", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-01-17T18:15:10.810", "references": [{"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2023/11/28/4"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1625445"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://bugzilla.samba.org/show_bug.cgi?id=13595"}, {"source": "secalert@redhat.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DK57HQRTCDOZDIIICYWQ4Z5IQXTWVVW/"}, {"source": "secalert@redhat.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVMYEP5KJRL3FWSCZW2MQZ26IVPXY62/"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "secalert@redhat.com", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Andrew Bartlett (Catalyst and Samba Team) for reporting this issue.", "bugzilla": {"description": "samba: Unprivileged read of deleted object tombstones in AD LDAP server", "id": "1625445", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1625445"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.3", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "status": "draft"}, "cwe": "CWE-862", "details": ["An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store.", "An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store."], "name": "CVE-2018-14628", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "samba", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "samba3x", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "samba", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "samba4", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "samba", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "samba", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/a:redhat:storage:3", "fix_state": "Not affected", "package_name": "samba", "product_name": "Red Hat Storage 3"}, {"cpe": "cpe:/o:redhat:rhev_hypervisor:4", "fix_state": "Not affected", "package_name": "samba", "product_name": "Red Hat Virtualization 4"}], "public_date": "2022-04-13T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-14628\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-14628"], "statement": "Samba 4 packages distributed with Red Hat Enterprise Linux are built without the AD DC functionality, where this flaw is present. These packages are not affected by this vulnerability.", "threat_severity": "Moderate"}