8.0 HIGH
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Adjacent (A)
- Attack Complexity (AC): High (H)
- Privileges Required (PR): None (N)
- User Interaction (UI): None (N)
- Scope (S): Changed (C)
- Confidentiality (C): High (H)
- Integrity (I): High (H)
- Availability (A): None (N)
- Modified Attack Vector (MAV): Adjacent (A)
- Modified Attack Complexity (MAC): High (H)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): High (H)
- Modified Scope (MS): Changed (C)
- Modified Integrity (MI): High (H)
- Modified Availability (MA): None (N)
Activity log
- Created suggestion
Samba: group policy certificate enrollment uses http:// without validation
A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability to intercept or redirect network traffic could exploit this behavior to supply a malicious certificate authority certificate, potentially allowing interception or spoofing of trusted communications.
References
Affected products
Matching in nixpkgs
pkgs.samba
Standard Windows interoperability suite of programs for Linux and Unix
pkgs.samba4
Standard Windows interoperability suite of programs for Linux and Unix
pkgs.sambamba
SAM/BAM processing tool
pkgs.sambaFull
Standard Windows interoperability suite of programs for Linux and Unix
pkgs.samba4Full
Standard Windows interoperability suite of programs for Linux and Unix
Package maintainers
-
@aneeshusa Aneesh Agrawal <aneeshusa@gmail.com>
-
@jbedo Justin Bedő <cu@cua0.org>