DEBIAN-CVE-2021-20208

DEBIAN-CVE-2021-20208 PUBLISHED CVSS 6.099999904632568 MEDIUM

A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity.

Risk Scores

CVSS v3.1

6.099999904632568

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N

Affected Products

Vendor	Product	Versions
Debian:13	cifs-utils	0, 0, 0
Debian:11	cifs-utils	0, 0, 0
Debian:12	cifs-utils	0, 0, 0
Debian:14	cifs-utils	0, 0, 0

Timeline

Apr 19, 2021 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2021-20208 advisory

Open in Interactive Console →