CVE-2021-43566 Information
Jun 07, 2022
cve
Description
All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled or the share also available via NFS in order for this attack to succeed.
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
Reference
https://bugzilla.samba.org/show_bug.cgi?id=13979
https://www.samba.org/samba/security/CVE-2021-43566.html
https://security.netapp.com/advisory/ntap-20220110-0001/
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction Required
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
Base Score
2.5
Base Severity
LOW