VDB
DEBIAN-CVE-2023-34968
DEBIAN-CVE-2023-34968
PUBLISHED
CVSS 5.300000190734863 MEDIUM
A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious client or an attacker with a targeted RPC request to view the information that is part of the disclosed path.
Risk Scores
CVSS v3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | samba | 0, 2:4.17.10+dfsg-0+deb12u1~bpo11+1, 2:4.17.8+dfsg-2 |
| Debian:11 | samba | 2:4.13.13+dfsg-1~deb11u5, *, * |
| Debian:13 | samba | 0, 0, 0 |
| Debian:14 | samba | 0, 0, 0 |
Timeline
- Jul 20, 2023 CVE Published
- Apr 28, 2026 CVE Updated