CVE-2023-3347 in Samba情報

要約

〜によって MITRE • 2023年07月20日

A vulnerability was found in Samba's SMB2 packet signing mechanism. The SMB2 packet signing is not enforced if an admin configured "server signing = required" or for SMB2 connections to Domain Controllers where SMB2 packet signing is mandatory. This flaw allows an attacker to perform attacks, such as a man-in-the-middle attack, by intercepting the network traffic and modifying the SMB2 messages between client and server, affecting the integrity of the data.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

責任者

Red Hat, Inc.

予約する

2023年06月21日

モデレーション

承諾済み

エントリ

VDB-235089

EPSS

0.00390

アクティビティ

非常低い

ソース

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!