VDB

ALPINE-CVE-2020-25719

ALPINE-CVE-2020-25719 PUBLISHED CVSS 7.199999809265137 HIGH

A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise.

Risk Scores

CVSS v3.1
7.199999809265137
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Alpine:v3.17samba3.2.10-r0, 3.2.8-r0, 3.2.8-r1
Alpine:v3.19samba4.2.0-r0, 4.8.8-r0, 4.8.7-r0
Alpine:v3.16samba0, 3.2.10-r0, 3.2.11-r0
Alpine:v3.13samba3.4.3-r1, 4.8.8-r0, 4.8.7-r0
Alpine:v3.21samba4.10.5-r0, 0, 3.2.10-r0
Alpine:v3.23samba3.5.6-r0, 4.4.4-r0, 4.4.5-r0
Alpine:v3.20samba4.11.2-r1, 4.11.2-r0, 4.11.1-r0
Alpine:v3.15samba4.1.5-r1, 3.6.19-r1, 3.6.19-r0
Alpine:v3.18samba3.4.3-r0, 3.4.3-r1, 3.4.5-r0
Alpine:v3.22samba4.1.13-r0, 4.1.14-r1, 4.1.12-r0
Alpine:v3.14samba3.6.4-r0, 3.5.4-r1, 3.5.6-r3

Timeline

  • Feb 18, 2022 CVE Published
  • Dec 3, 2025 CVE Updated
  • Apr 30, 2026 Distribution Patch

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›