CVE-2020-14383

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, which also serves protocols other than dnsserver, will be restarted after a short delay, but it is easy for an authenticated non administrative attacker to crash it again as soon as it returns. The Samba DNS server itself will continue to operate, but many RPC services will not.

References

https://www.samba.org/samba/security/CVE-2020-14383.html

https://bugzilla.redhat.com/show_bug.cgi?id=1892636

https://security.gentoo.org/glsa/202012-24

Details

Source: MITRE

Published: 2020-12-02

Updated: 2021-05-05

Risk Information

CVSS v2

Base Score: 4

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 8

Severity: MEDIUM

CVSS v3

Base Score: 6.5

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 2.8

Severity: MEDIUM

Tenable Plugins

View all (27 total)

IDNameProductFamilySeverity
151396EulerOS Virtualization 3.0.2.2 : samba (EulerOS-SA-2021-2168)NessusHuawei Local Security Checks
critical
148068EulerOS 2.0 SP5 : samba (EulerOS-SA-2021-1704)NessusHuawei Local Security Checks
medium
147666EulerOS Virtualization 2.9.0 : samba (EulerOS-SA-2021-1635)NessusHuawei Local Security Checks
critical
147505EulerOS Virtualization for ARM 64 3.0.2.0 : samba (EulerOS-SA-2021-1380)NessusHuawei Local Security Checks
medium
147497EulerOS Virtualization 2.9.1 : samba (EulerOS-SA-2021-1625)NessusHuawei Local Security Checks
critical
147458EulerOS Virtualization 3.0.2.6 : samba (EulerOS-SA-2021-1423)NessusHuawei Local Security Checks
medium
147061EulerOS Virtualization 3.0.6.6 : samba (EulerOS-SA-2021-1517)NessusHuawei Local Security Checks
critical
147047EulerOS Virtualization for ARM 64 3.0.6.0 : samba (EulerOS-SA-2021-1533)NessusHuawei Local Security Checks
critical
146748EulerOS 2.0 SP2 : samba (EulerOS-SA-2021-1357)NessusHuawei Local Security Checks
high
145783EulerOS 2.0 SP8 : samba (EulerOS-SA-2021-1171)NessusHuawei Local Security Checks
medium
145189EulerOS 2.0 SP3 : samba (EulerOS-SA-2021-1118)NessusHuawei Local Security Checks
critical
144674EulerOS 2.0 SP9 : samba (EulerOS-SA-2021-1017)NessusHuawei Local Security Checks
medium
144671EulerOS 2.0 SP9 : samba (EulerOS-SA-2021-1036)NessusHuawei Local Security Checks
medium
144607GLSA-202012-24 : Samba: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
143848SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2020:3081-1)NessusSuSE Local Security Checks
medium
143847SUSE SLES12 Security Update : samba (SUSE-SU-2020:3082-1)NessusSuSE Local Security Checks
medium
143822SUSE SLES15 Security Update : samba (SUSE-SU-2020:3087-1)NessusSuSE Local Security Checks
medium
143797SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2020:3092-1)NessusSuSE Local Security Checks
medium
143684SUSE SLES12 Security Update : samba (SUSE-SU-2020:3093-1)NessusSuSE Local Security Checks
medium
143186Debian DLA-2463-1 : samba security updateNessusDebian Local Security Checks
critical
142668Fedora 32 : 2:samba (2020-2e1a1489be)NessusFedora Local Security Checks
medium
142540openSUSE Security Update : samba (openSUSE-2020-1811)NessusSuSE Local Security Checks
medium
142419Samba 3.6.x < 4.11.15 / 4.12.x < 4.12.9 / 4.13.x < 4.13.1 Multiple VulnerabilitiesNessusMisc.
medium
142351Fedora 33 : 2:samba (2020-c1e9ae02d2)NessusFedora Local Security Checks
medium
142324openSUSE Security Update : samba (openSUSE-2020-1819)NessusSuSE Local Security Checks
medium
142218Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 : Samba vulnerabilities (USN-4611-1)NessusUbuntu Local Security Checks
medium
142151FreeBSD : samba -- Multiple Vulnerabilities (9ca85b7c-1b31-11eb-8762-005056a311d1)NessusFreeBSD Local Security Checks
medium