VDB

CVE-2021-20208

CVE-2021-20208 PUBLISHED

A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity.

EPSS 0.27% · 51.0th percentile

Risk Scores

EPSS Score
0.27%
51.0th percentile

Affected Products

VendorProductVersions
Ubuntu:Pro:14.04:LTScifs-utils0, 2:6.0-1ubuntu2
Ubuntu:Pro:16.04:LTScifs-utils2:6.4-1ubuntu1, 0, *
Ubuntu:20.04:LTScifs-utils0, 2:6.9-1, 2:6.9-1ubuntu0.1
Ubuntu:18.04:LTScifs-utils*, *, 0

Timeline

  • Apr 19, 2021 CVE Published
  • Apr 20, 2021 EPSS Score
  • Jun 28, 2021 EPSS Score
  • Aug 30, 2021 EPSS Score
  • Oct 11, 2021 EPSS Score
  • Oct 31, 2021 EPSS Score
  • Jan 1, 2022 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • May 6, 2022 EPSS Score
  • Jul 7, 2022 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›