CVE-2018-1057
CVSS 3.1 base score: 8.8 (HIGH)
EPSS: 7.7%
Description
On a Samba 4 Active Directory domain controller (AD DC), the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates the permissions required to modify passwords over LDAP. As a result, any authenticated user can change the password of any other user, including administrative users and privileged service accounts (e.g. Domain Controllers).
How to fix CVE-2018-1057
To remediate CVE-2018-1057, upgrade the affected package to a fixed version below.
- Alpine/samba: upgrade to 4.7.6-r0 or later
- upgrade to 2:4.7.4+dfsg-2 or later
Is CVE-2018-1057 being exploited?
Moderate: EPSS is 7.7%. Track this CVE, but it is not at the top of the prioritisation list.
Affected packages (2)
- Alpine/samba: versions >= 0 and < 4.7.6-r0
- versions >= 0 and < 2:4.7.4+dfsg-2
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH (8.8) | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |