{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-04T20:07:09.826","vulnerabilities":[{"cve":{"id":"CVE-2016-2125","sourceIdentifier":"secalert@redhat.com","published":"2018-10-31T20:29:00.247","lastModified":"2024-11-21T02:47:52.913","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users."},{"lang":"es","value":"Se ha descubierto que Samba, en versiones anteriores a la 4.5.3, 4.4.8 y 4.3.13, siempre solicitaba tickets que podían reenviarse al emplear la autenticación de Kerberos. Un servicio al que Samba se ha autenticado con Kerberos podría emplear el ticket para suplantar Samba con otros usuarios de servicios o dominios."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV30":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:A/AC:L/Au:N/C:P/I:N/A:N","baseScore":3.3,"accessVector":"ADJACENT_NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.5,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.25","versionEndExcluding":"4.3.13","matchCriteriaId":"4A8F34E8-7040-4DB7-9979-DD2D20C8D03C"},{"vulnerable":true,"criteria":"cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4.0","versionEndExcluding":"4.4.8","matchCriteriaId":"9A963A86-CAF4-4882-B9DC-E9C7CDA2764C"},{"vulnerable":true,"criteria":"cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5.0","versionEndExcluding":"4.5.3","matchCriteriaId":"6044E13A-532E-403E-AA23-4A77771D2094"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:gluster_storage:3.0:*:*:*:*:*:*:*","matchCriteriaId":"F1986832-44C9-491E-A75D-AAD8FAE683E6"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","matchCriteriaId":"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","matchCriteriaId":"33C068A4-3780-4EAB-A937-6082DF847564"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","matchCriteriaId":"9BBCD86A-E6C7-4444-9D74-F861084090F0"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","matchCriteriaId":"51EF4996-72F4-4FA4-814F-F5991E7A8318"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","matchCriteriaId":"D99A687E-EAE6-417E-A88E-D0082BC194CD"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","matchCriteriaId":"B353CE99-D57C-465B-AAB0-73EF581127D1"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","matchCriteriaId":"A8442C20-41F9-47FD-9A12-E724D3A31FD7"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","matchCriteriaId":"9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","matchCriteriaId":"A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","matchCriteriaId":"BF77CDCF-B9C9-427D-B2BF-36650FB2148C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","matchCriteriaId":"24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","matchCriteriaId":"B76AA310-FEC7-497F-AF04-C3EC1E76C4CC"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","matchCriteriaId":"E5ED5807-55B7-47C5-97A6-03233F4FBC3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","matchCriteriaId":"825ECE2D-E232-46E0-A047-074B34DB1E97"}]}]}],"references":[{"url":"http://rhn.redhat.com/errata/RHSA-2017-0494.html","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2017-0495.html","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2017-0662.html","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2017-0744.html","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/94988","source":"secalert@redhat.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1037494","source":"secalert@redhat.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://access.redhat.com/errata/RHSA-2017:1265","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-2125","source":"secalert@redhat.com","tags":["Issue Tracking","Mitigation","Third Party Advisory"]},{"url":"https://www.samba.org/samba/security/CVE-2016-2125.html","source":"secalert@redhat.com","tags":["Mitigation","Patch","Vendor Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2017-0494.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2017-0495.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2017-0662.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2017-0744.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/94988","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1037494","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://access.redhat.com/errata/RHSA-2017:1265","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-2125","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Mitigation","Third Party Advisory"]},{"url":"https://www.samba.org/samba/security/CVE-2016-2125.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Patch","Vendor Advisory"]}]}}]}