Home > Vulnerability Database > CVE-2020-25717

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2020-25717

Date: February 17, 2022

A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.

Severity Score

8.1

Related Resources (9)

Url: https://nvd.nist.gov/vuln/detail/CVE-2020-25717

Url: https://www.samba.org/samba/security/CVE-2020-25717.html

Url: https://security.alpinelinux.org/vuln/CVE-2020-25717

Url: https://security-tracker.debian.org/tracker/CVE-2020-25717

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25717

Url: https://access.redhat.com/security/cve/CVE-2020-25717

Url: https://bugzilla.redhat.com/show_bug.cgi?id=2019672

Url: https://security.gentoo.org/glsa/202309-06

Url: https://www.mend.io/vulnerability-database/CVE-2020-25717

Severity Score

8.1

Weakness Type (CWE)

Improper Input Validation

CWE-20

CVSS v3.1

Base Score:	8.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	NONE

CVSS v2

Base Score:	8.5
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	SINGLE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	NONE
Additional information:

Do you need more information?

Contact Us