VDB

ALPINE-CVE-2023-4154

ALPINE-CVE-2023-4154 PUBLISHED CVSS 6.5 MEDIUM

A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers (RODCs). This flaw allows RODCs and users possessing the GET_CHANGES right to access all attributes, including sensitive secrets and passwords. Even in a default setup, RODC DC accounts, which should only replicate some passwords, can gain access to all domain secrets, including the vital krbtgt, effectively eliminating the RODC / DC distinction. Furthermore, the vulnerability fails to account for error conditions (fail open), like out-of-memory situations, potentially granting access to secret attributes, even under low-privileged attacker influence.

Risk Scores

CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products

VendorProductVersions
Alpine:v3.19samba4.8.8-r0, 4.8.7-r0, 4.8.5-r0
Alpine:v3.23samba0, 3.2.10-r0, 3.2.11-r0
Alpine:v3.21samba0, 4.8.8-r0, 4.8.7-r0
Alpine:v3.20samba4.1.3-r2, 4.8.8-r0, 4.8.7-r0
Alpine:v3.22samba3.2.11-r0, 4.1.0-r1, 4.1.0-r2
Alpine:v3.18samba4.8.8-r0, 4.8.7-r0, 4.8.5-r0

Timeline

  • Nov 7, 2023 CVE Published
  • Dec 3, 2025 CVE Updated
  • Apr 30, 2026 Distribution Patch
Open in Interactive Console →
$ Console Community · 100/wk Open console ›