CVE-2019-14847 MEDIUM

CVE-2019-14847

Vendor Samba
Product samba
Weakness CWE-476
Published November 6, 2019
Last update August 5, 2024

CVSS base score

4.9/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

A flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x before 4.10.10. An attacker can crash AD DC LDAP server via dirsync resulting in denial of service. Privilege escalation is not possible with this issue.

Key dates

02Disclosure timeline

November 6, 2019 CVE published
August 5, 2024 Record updated