← Back

CVE-2013-0454

nvd nist
Published: Mar 26, 2013Modified: Apr 29, 2026

JSON object

Loading...
4.0
Vector
AV:N/AC:L/Au:S/C:N/I:P/A:N
Exploitability: 8.0 / Impact: 2.9
Source: NVD

Description

The SMB2 implementation in Samba 3.6.x before 3.6.6, as used on the IBM Storwize V7000 Unified 1.3 before 1.3.2.3 and 1.4 before 1.4.0.1 and possibly other products, does not properly enforce CIFS share attributes, which allows remote authenticated users to (1) write to a read-only share; (2) trigger data-integrity problems related to the oplock, locking, coherency, or leases attribute; or (3) have an unspecified impact by leveraging incorrect handling of the browseable or "hide unreadable" parameter.

Affected (9)

Canonical
1 product
Ubuntu Linux
Samba
1 product
Samba
Ibm
1 product
Storwize
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Ubuntu Linux
Version 12.04
Configuration B
8 vulnerable
Vulnerable SoftwareAffected Versions
Samba
Samba
Up to 3.6.5
Samba
Version 3.6.0
Samba
Version 3.6.1
Samba
Version 3.6.2
Samba
Version 3.6.3
Samba
Version 3.6.4
Ibm
Storwize
Version v7000 1.3
Storwize
Version v7000 1.4

Related CWEs

CWE-264
CWE-264

References (14)

Source: psirt@us.ibm.com
Vendor Advisory
Source: psirt@us.ibm.com
Vendor Advisory
Source: psirt@us.ibm.com
Source: psirt@us.ibm.com
Source: psirt@us.ibm.com
Source: psirt@us.ibm.com
Source: psirt@us.ibm.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.