CVE-2020-17049

MITRE NVD CVE.ORG Print: PDF PDF

Summary

CVECVE-2020-17049
StatePUBLIC
Assigner[email protected]
Source PriorityCVE Program / NVD first with legacy fallback
Published2020-11-11 07:15:00 UTC
Updated2023-12-31 19:15:00 UTC
DescriptionKerberos Security Feature Bypass Vulnerability

Risk And Classification

Problem Types: CWE-863

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Operating System Microsoft Windows Server 2012 All All All All
Operating System Microsoft Windows Server 2012 r2 All All All
Operating System Microsoft Windows Server 2012 All All All All
Operating System Microsoft Windows Server 2012 r2 All All All
Operating System Microsoft Windows Server 2016 - All All All
Operating System Microsoft Windows Server 2016 1903 All All All
Operating System Microsoft Windows Server 2016 1909 All All All
Operating System Microsoft Windows Server 2016 2004 All All All
Operating System Microsoft Windows Server 2016 20h2 All All All
Operating System Microsoft Windows Server 2016 - All All All
Operating System Microsoft Windows Server 2016 1903 All All All
Operating System Microsoft Windows Server 2016 1909 All All All
Operating System Microsoft Windows Server 2016 2004 All All All
Operating System Microsoft Windows Server 2016 20h2 All All All
Operating System Microsoft Windows Server 2019 - All All All
Operating System Microsoft Windows Server 2019 - All All All
Application Samba Samba All All All All

References

ReferenceSourceLinkTags
Security Update Guide - Microsoft Security Response Center MISC portal.msrc.microsoft.com Patch, Vendor Advisory
Samba: Multiple Vulnerabilities (GLSA 202309-06) — Gentoo security GENTOO security.gentoo.org
oss-security - Fwd: Samba 4.15.2, 4.14.10, 4.13.14 Security Releases are available for Download MLIST www.openwall.com
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis

Legacy QID Mappings

  • 160604 Oracle Enterprise Linux Security Update for krb5 (ELSA-2023-2570)
  • 161288 Oracle Enterprise Linux Security Update for idm:dl1 (ELSA-2024-0143)
  • 241462 Red Hat Update for krb5 security (RHSA-2023:2570)
  • 242692 Red Hat Update for idm:dl1 (RHSA-2024:0143)
  • 242699 Red Hat Update for krb5 (RHSA-2024:0252)
  • 282994 Fedora Security Update for libldb (FEDORA-2022-19600c9743)
  • 283042 Fedora Security Update for libldb (FEDORA-2022-1479911a38)
  • 296061 Oracle Solaris 11.4 Support Repository Update (SRU) 42.113.1 Missing (CPUJAN2022)
  • 354257 Amazon Linux Security Advisory for samba : ALAS-2022-1642
  • 354483 Amazon Linux Security Advisory for samba : ALAS2022-2022-213
  • 354554 Amazon Linux Security Advisory for samba : ALAS-2022-213
  • 379636 Alibaba Cloud Linux Security Update for idm:dl1 (ALINUX3-SA-2024:0022)
  • 710751 Gentoo Linux Samba Multiple Vulnerabilities (GLSA 202309-06)
  • 751345 OpenSUSE Security Update for samba and ldb (openSUSE-SU-2021:3647-1)
  • 903863 Common Base Linux Mariner (CBL-Mariner) Security Update for samba (10661)
  • 91780 Microsoft Azure Stack Hub Security Updates - February 2021
  • 941018 AlmaLinux Security Update for krb5 (ALSA-2023:2570)
  • 941538 AlmaLinux Security Update for idm:DL1 (ALSA-2024:0143)
  • 961104 Rocky Linux Security Update for idm:DL1 (RLSA-2024:0143)
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report