Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-34968

Published: 20/07/2023 Updated: 30/01/2024
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Samba

Vulnerability Summary

A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious client or an attacker with a targeted RPC request to view the information that is part of the disclosed path.

Vulnerable Product Search on Vulmon Subscribe to Product

samba samba

fedoraproject fedora 37

fedoraproject fedora 38

redhat enterprise linux 8.0

redhat storage 3.0

redhat enterprise linux 9.0

debian debian linux 11.0

debian debian linux 12.0

Vendor Advisories

Red Hat: Moderate: samba security, bug fix, and enhancement update
Synopsis Moderate: samba security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for samba, evolution-mapi, and openchangeis now available for Red Hat Enterprise Linux 8Red Hat ...
Red Hat: Moderate: samba security update
Synopsis Moderate: samba security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for samba is now available for Red Hat Enterprise Linux 88 Extended Update SupportRed Hat Product Security has rated this ...
Red Hat: Moderate: samba security, bug fix, and enhancement update
Synopsis Moderate: samba security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for samba, evolution-mapi, and openchange is now available for Red Hat Enterprise Linux 9Red Hat ...
Debian Security Advisories: DSA-5477-1 samba -- security update
Several vulnerabilities have been discovered in Samba, which could result in information disclosure, denial of service or insufficient enforcement of security-relevant config directives The version of Samba in the oldstable distribution (bullseye) cannot be fully supported further: If you are using Samba as a domain controller you should either up ...
Red Hat:
Description<!----> This CVE is under investigation by Red Hat Product Security ...

References

NVD-CWE-noinfohttps://www.samba.org/samba/security/CVE-2023-34968.htmlhttps://access.redhat.com/security/cve/CVE-2023-34968https://bugzilla.redhat.com/show_bug.cgi?id=2222795https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/https://security.netapp.com/advisory/ntap-20230731-0010/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/https://www.debian.org/security/2023/dsa-5477https://access.redhat.com/errata/RHSA-2023:6667https://access.redhat.com/errata/RHSA-2023:7139https://access.redhat.com/errata/RHSA-2024:0423https://access.redhat.com/errata/RHSA-2024:0580https://access.redhat.com/errata/RHSA-2023:7139https://nvd.nist.govhttps://www.debian.org/security/2023/dsa-5477
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-29895injectCVE-2023-52689CVE-2024-5049CVE-2024-5051privilege escalationphysicalCVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook