VDB
CVE-2021-3671
CVE-2021-3671
PUBLISHED
CVSS 8.699999809265137 HIGH
In Samba existieren mehrere Schwachstellen aufgrund von verschiedenen Programmierfehlern und unzureichenden Prüfungen. Ein entfernter, anonymer Angreifer kann durch das Senden speziell gestalteter "TGS-REQ" oder "winbind" Anfragen einen Denial of Service Zustand herbeiführen.
EPSS 5.14% · 90.0th percentile
Risk Scores
CVSS 4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
5.14%
90.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian | Debian Linux | |
| Open Source | Open Source Heimdal < 7.8.0 | |
| Open Source | Open Source Heimdal < 7.7.1 | |
| Ubuntu | Ubuntu Linux |
Exploit Intelligence
- DSA-5287 (circl)
- https://bugzilla.redhat.com/show_bug.cgi?id=2013080%2C (circl)
- https://bugzilla.samba.org/show_bug.cgi?id=14770%2C (circl)
- https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a (circl)
- [debian-lts-announce] 20221126 [SECURITY] [DLA 3206-1] heimdal security update (circl)
- https://security.netapp.com/advisory/ntap-20221215-0002/ (circl)
- https://security.netapp.com/advisory/ntap-20230216-0008/ (circl)
Timeline
- Oct 5, 2021 CVE Published
- Oct 13, 2021 EPSS Score
- Dec 9, 2021 EPSS Score
- Feb 3, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 27, 2022 EPSS Score
- Sep 18, 2022 EPSS Score
- Nov 14, 2022 EPSS Score
- Nov 23, 2022 CVE Updated
- Jan 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2022-1714.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1714 advisory
- https://lists.debian.org/debian-lts-announce/2022/11/msg00034.html advisory
- https://lists.debian.org/debian-security-announce/2022/msg00258.html advisory
- https://github.com/heimdal/heimdal/releases/tag/heimdal-7.8.0 advisory
- https://github.com/heimdal/heimdal/releases/tag/heimdal-7.7.1 advisory
- https://www.samba.org/samba/history/samba-4.14.8.html advisory
- https://ubuntu.com/security/notices/USN-5142-2 advisory
- https://ubuntu.com/security/notices/USN-5174-1 advisory
- https://ubuntu.com/security/notices/USN-5174-2 advisory
- https://ubuntu.com/security/notices/USN-5142-3 advisory
- https://ubuntu.com/security/notices/USN-5675-1 advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2372.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2372 advisory
- https://kunde.genua.de/nc/suche/view/neuer-patch-genugate-105p1-verfuegbar.html?tx_genusupport_content%5Bidentity%5D=0&tx_genusupport_content%5BsearchTerm%5D=&tx_genusupport_content%5BforcePath%5D=&tx_genusupport_content%5Baction%5D=genuSupportSearch&tx_genusupport_content%5Bcontroller%5D=Content&cHash=37a9613baf9adebc3e20772aaa249fc3 advisory
- https://kunde.genua.de/nc/suche/view/neuer-patch-genugate-104p2-verfuegbar.html?tx_genusupport_content%5Bidentity%5D=0&tx_genusupport_content%5BsearchTerm%5D=&tx_genusupport_content%5BforcePath%5D=&tx_genusupport_content%5Baction%5D=genuSupportSearch&tx_genusupport_content%5Bcontroller%5D=Content&cHash=9cc97408444883591a94c7b03271ff7b advisory
- https://kunde.genua.de/nc/suche/view/neuer-patch-genugate-100p12-verfuegbar.html?tx_genusupport_content%5Bidentity%5D=0&tx_genusupport_content%5BsearchTerm%5D=&tx_genusupport_content%5BforcePath%5D=&tx_genusupport_content%5Baction%5D=genuSupportSearch&tx_genusupport_content%5Bcontroller%5D=Content&cHash=ef1c457a05f6f4465cc46f9369fe23d5 advisory