CVE-2023-0225

MEDIUM4.3EPSS 0.41%

Published: 4/3/2023Modified: 4/28/2026

Description

A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory.

Affected packages (2)

Alpine/sambafrom 0, < 4.18.1-r0
Debian/sambafrom 0

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

References (2)

ADVISORYhttps://security.alpinelinux.org/vuln/CVE-2023-0225
ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2023-0225