CVE-2020-25721
Summary
| CVE | CVE-2020-25721 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-03-16 15:15:00 UTC |
| Updated | 2023-09-17 09:15:00 UTC |
| Description | Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). Samba as an AD DC now provides a way for Linux applications to obtain a reliable SID (and samAccountName) in issued tickets. |
Risk And Classification
Problem Types: CWE-20
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Samba - Security Announcement Archive | MISC | www.samba.org | |
| Samba: Multiple Vulnerabilities (GLSA 202309-06) — Gentoo security | GENTOO | security.gentoo.org | |
| 2021728 – (CVE-2020-25721) CVE-2020-25721 samba: Kerberos acceptors need easy access to stableAD identifiers (eg objectSid) | MISC | bugzilla.redhat.com | |
| 14725 – [SECURITY] Andrew's Kerberos Concerns (November 9 2021) | MISC | bugzilla.samba.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 178884 Debian Security Update for samba (DSA 5003-1)
- 198583 Ubuntu Security Notification for Samba Vulnerability (USN-5142-1)
- 282091 Fedora Security Update for freeipa (FEDORA-2021-1d77047c61)
- 282156 Fedora Security Update for freeipa (FEDORA-2021-12af2614da)
- 296061 Oracle Solaris 11.4 Support Repository Update (SRU) 42.113.1 Missing (CPUJAN2022)
- 354310 Amazon Linux Security Advisory for samba : ALAS2022-2022-022
- 354496 Amazon Linux Security Advisory for samba : ALAS2022-2022-224
- 354550 Amazon Linux Security Advisory for samba : ALAS-2022-224
- 501490 Alpine Linux Security Update for samba
- 501779 Alpine Linux Security Update for samba
- 502027 Alpine Linux Security Update for samba
- 504394 Alpine Linux Security Update for samba
- 671280 EulerOS Security Update for samba (EulerOS-SA-2022-1246)
- 671315 EulerOS Security Update for samba (EulerOS-SA-2022-1258)
- 671372 EulerOS Security Update for samba (EulerOS-SA-2022-1295)
- 671384 EulerOS Security Update for samba (EulerOS-SA-2022-1311)
- 690244 Free Berkeley Software Distribution (FreeBSD) Security Update for samba (646923b0-41c7-11ec-a3b2-005056a311d1)
- 710751 Gentoo Linux Samba Multiple Vulnerabilities (GLSA 202309-06)
- 751345 OpenSUSE Security Update for samba and ldb (openSUSE-SU-2021:3647-1)