{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T12:03:14.711","vulnerabilities":[{"cve":{"id":"CVE-2019-3880","sourceIdentifier":"secalert@redhat.com","published":"2019-04-09T16:29:01.927","lastModified":"2024-11-21T04:42:47.070","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions before 4.8.11, 4.9.6 and 4.10.2 are vulnerable."},{"lang":"es","value":"Se encontró un fallo en la forma en que samba implementó RPC endpoint, que emula la API de servicios de registro de Windows. Un atacante sin privilegios podría usar este defecto para crear un nuevo archivo de registro hive en cualquier lugar que tenga permisos Unix, lo que podría llevar a la creación de un nuevo archivo en el recurso compartido de Samba. Las versiones anteriores a la 4.8.11, 4.9.6 y 4.10.2 son vulnerables."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":2.5}],"cvssMetricV30":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L","baseScore":4.2,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.6,"impactScore":2.5}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:P/A:P","baseScore":5.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*","versionStartIncluding":"3.2.0","versionEndExcluding":"4.8.11","matchCriteriaId":"B33E07C7-A04B-46B3-A0DD-C01376F908D7"},{"vulnerable":true,"criteria":"cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*","versionStartIncluding":"4.9.0","versionEndExcluding":"4.9.6","matchCriteriaId":"FB5809AF-3124-4475-A102-896C8909149C"},{"vulnerable":true,"criteria":"cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*","versionStartIncluding":"4.10.0","versionEndExcluding":"4.10.2","matchCriteriaId":"08F84037-A781-469C-B023-952B56E0C26E"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:gluster_storage:3.0:*:*:*:*:*:*:*","matchCriteriaId":"F1986832-44C9-491E-A75D-AAD8FAE683E6"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","matchCriteriaId":"DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","matchCriteriaId":"D100F7CE-FC64-4CC6-852A-6136D72DA419"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","matchCriteriaId":"97A4B8DF-58DA-4AB6-A1F9-331B36409BA3"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","matchCriteriaId":"5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3"}]}]}],"references":[{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00050.html","source":"secalert@redhat.com","tags":["Mailing List","Patch","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00106.html","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:1966","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:1967","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:2099","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:3582","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3880","source":"secalert@redhat.com","tags":["Issue Tracking","Mitigation","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2019/04/msg00013.html","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6354GALK73CZWQKFUG7AWB6EIEGFMF62/","source":"secalert@redhat.com"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSRLRO7BPRFETVFZ4TVJL2VFZEPHKJY4/","source":"secalert@redhat.com"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JTJVFA3RZ6G2IZDTVKLHRMX6QBYA4GPA/","source":"secalert@redhat.com"},{"url":"https://security.netapp.com/advisory/ntap-20190411-0004/","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://support.f5.com/csp/article/K20804356","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://www.samba.org/samba/security/CVE-2019-3880.html","source":"secalert@redhat.com","tags":["Mitigation","Patch","Vendor Advisory"]},{"url":"https://www.synology.com/security/advisory/Synology_SA_19_15","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/security/cve/cve-2019-3880","source":"nvd@nist.gov","tags":["Mitigation","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00050.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00106.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:1966","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:1967","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:2099","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:3582","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3880","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Mitigation","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2019/04/msg00013.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6354GALK73CZWQKFUG7AWB6EIEGFMF62/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSRLRO7BPRFETVFZ4TVJL2VFZEPHKJY4/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JTJVFA3RZ6G2IZDTVKLHRMX6QBYA4GPA/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.netapp.com/advisory/ntap-20190411-0004/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://support.f5.com/csp/article/K20804356","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.samba.org/samba/security/CVE-2019-3880.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Patch","Vendor Advisory"]},{"url":"https://www.synology.com/security/advisory/Synology_SA_19_15","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}