Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Samba Share Path Definition Escape Vulnerability (CVE-2019-10197)
Information
Severity
Severity
Critical
Family
Family
General
CVSSv2 Base
CVSSv2 Base
9.4
CVSSv2 Vector
CVSSv2 Vector
AV:N/AC:L/Au:N/C:C/I:C/A:N
Solution Type
Solution Type
Vendor Patch
Created
Created
4 years ago
Modified
Modified
4 years ago
Summary
Samba is prone to a share path definition escape vulnerability.
Insight
Insight
Under certain parameter configurations, when an SMB client accesses a network share and the user does not have permission to access the share root directory, it is possible for the user to escape from the share to see the complete '/' filesystem. Unix permission checks in the kernel are still enforced.
Affected Software
Affected Software
Samba versions 4.9.x, 4.10.x and 4.11.x.
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
Update to version 4.9.13, 4.10.8, 4.11.0rc3 or later.