{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-04T23:14:22.416","vulnerabilities":[{"cve":{"id":"CVE-2019-3870","sourceIdentifier":"secalert@redhat.com","published":"2019-04-09T16:29:01.867","lastModified":"2025-01-14T19:29:55.853","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner (root) only access. However in some upgraded installations it will have other permissions, such as 0755, because this was the default before Samba 4.8. Within this directory, files are created with mode 0666, which is world-writable, including a sample krb5.conf, and the list of DNS names and servicePrincipalName values to update."},{"lang":"es","value":"Se encontró una vulnerabilidad en Samba desde la versión 4.9 (incluida) hasta las versiones anteriores a la 4.9.6 y 4.10.2. Durante la creación de un nuevo Samba AD DC, los archivos se crean en un subdirectorio privado de la ubicación de instalación. Este directorio es típicamente el modo 0700, es decir, acceso sólo para administradores (root). Sin embargo, en algunas instalaciones actualizadas tendrá otros permisos, como el 0755, ya que éste era el predeterminado en versiones de Samba anteriores a la 4.8. Dentro de este directorio, los archivos se crean con el modo 0666, en el que cualquiera puede escribir, incluyendo un ejemplo de krb5.conf, y la lista de nombres DNS y valores de servicePrincipalName para actualizar."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":4.2}],"cvssMetricV30":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":4.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:N/I:P/A:P","baseScore":3.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-276"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-276"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*","versionStartIncluding":"4.9.0","versionEndExcluding":"4.9.6","matchCriteriaId":"FB5809AF-3124-4475-A102-896C8909149C"},{"vulnerable":true,"criteria":"cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*","versionStartIncluding":"4.10.0","versionEndExcluding":"4.10.2","matchCriteriaId":"08F84037-A781-469C-B023-952B56E0C26E"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","matchCriteriaId":"D100F7CE-FC64-4CC6-852A-6136D72DA419"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","matchCriteriaId":"97A4B8DF-58DA-4AB6-A1F9-331B36409BA3"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:synology:directory_server:-:*:*:*:*:*:*:*","matchCriteriaId":"83512426-0B96-43E2-AFBA-592B25E61676"},{"vulnerable":true,"criteria":"cpe:2.3:a:synology:router_manager:1.2:*:*:*:*:*:*:*","matchCriteriaId":"85F6D2BF-23EA-4D44-8126-64EA85184D38"},{"vulnerable":true,"criteria":"cpe:2.3:o:synology:diskstation_manager:5.2:*:*:*:*:*:*:*","matchCriteriaId":"01527614-8A68-48DC-B0A0-F4AA99489221"},{"vulnerable":true,"criteria":"cpe:2.3:o:synology:diskstation_manager:6.1:*:*:*:*:*:*:*","matchCriteriaId":"3D04EA1A-F8E0-415B-8786-1C8C0F08E132"},{"vulnerable":true,"criteria":"cpe:2.3:o:synology:diskstation_manager:6.2:*:*:*:*:*:*:*","matchCriteriaId":"D9685B12-824F-42AD-B87C-6E7A78BB7FA5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:synology:skynas_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"53EF087B-D7E9-4F9A-803A-B0260C495C67"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:synology:skynas:-:*:*:*:*:*:*:*","matchCriteriaId":"D0A88A76-CF8A-4D29-B480-E5317219072D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:synology:vs960hd_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.3.6-1720","matchCriteriaId":"F300E1F1-D61A-46A6-8A9E-F3270CFA77F6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*","matchCriteriaId":"1CCBDFF9-AF42-4681-879B-CF789EBAD130"}]}]}],"references":[{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3870","source":"secalert@redhat.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://bugzilla.samba.org/show_bug.cgi?id=13834","source":"secalert@redhat.com","tags":["Exploit","Issue Tracking","Patch","Vendor Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6354GALK73CZWQKFUG7AWB6EIEGFMF62/","source":"secalert@redhat.com"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JTJVFA3RZ6G2IZDTVKLHRMX6QBYA4GPA/","source":"secalert@redhat.com"},{"url":"https://support.f5.com/csp/article/K20804356","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://www.samba.org/samba/security/CVE-2019-3870.html","source":"secalert@redhat.com","tags":["Mitigation","Patch","Vendor Advisory"]},{"url":"https://www.synology.com/security/advisory/Synology_SA_19_15","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3870","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://bugzilla.samba.org/show_bug.cgi?id=13834","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Patch","Vendor Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6354GALK73CZWQKFUG7AWB6EIEGFMF62/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JTJVFA3RZ6G2IZDTVKLHRMX6QBYA4GPA/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://support.f5.com/csp/article/K20804356","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.samba.org/samba/security/CVE-2019-3870.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Patch","Vendor Advisory"]},{"url":"https://www.synology.com/security/advisory/Synology_SA_19_15","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}