VID |
23306 |
Severity |
30 |
Port |
139 |
Protocol |
TCP |
Class |
Samba |
Detailed Description |
The version of Samba running on the remote host is 4.10.x prior to 4.10.10. It is, therefore, affected by a password complexity check bypass vulnerability. An authenticated attacker could use this flaw to change their password to a weak password that fails the configured password complexity check.
* References: https://www.samba.org/samba/security/CVE-2019-14833.html
* Platforms Affected: Samba Project, Samba versions 4.10.x before 4.10.10 Linux Any version Unix Any version |
Recommendation |
Upgrade to the latest version of Samba 4.10.10 or later, available from the Samba Web site at https://www.samba.org/samba/download/ |
Related URL |
CVE-2019-14833 (CVE) |
Related URL |
(SecurityFocus) |
Related URL |
(ISS) |
|