cvelistv5 - cve-2021-44142

CVE-2021-44142 (GCVE-0-2021-44142)

Vulnerability from cvelistv5

Published

2022-02-21 14:30

Modified

2025-04-23 19:02

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-125 - Out-of-bounds Read
CWE-787 - Out-of-bounds Write

Summary

The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root.

References

URL

Tags

	https://www.samba.org/samba/security/CVE-2021-44142.html
	https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin
	https://kb.cert.org/vuls/id/119678	third-party-advisory
	https://bugzilla.samba.org/show_bug.cgi?id=14914
	https://security.gentoo.org/glsa/202309-06	vendor-advisory

Impacted products

	Vendor	Product	Version
	Samba	Samba	Version: unspecified < 4.13.17 Version: unspecified < 4.14.12 Version: unspecified < 4.15.5

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T04:17:24.423Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.kb.cert.org/vuls/id/119678"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.samba.org/samba/security/CVE-2021-44142.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin"
          },
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://kb.cert.org/vuls/id/119678"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.samba.org/show_bug.cgi?id=14914"
          },
          {
            "name": "GLSA-202309-06",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202309-06"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-44142",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-23T13:30:59.386639Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-23T19:02:19.767Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Samba",
          "vendor": "Samba",
          "versions": [
            {
              "lessThan": "4.13.17",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "4.14.12",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "4.15.5",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2022-01-31T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide \"...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.\" Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125 Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-09-17T08:06:35.393Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://www.samba.org/samba/security/CVE-2021-44142.html"
        },
        {
          "url": "https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://kb.cert.org/vuls/id/119678"
        },
        {
          "url": "https://bugzilla.samba.org/show_bug.cgi?id=14914"
        },
        {
          "name": "GLSA-202309-06",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202309-06"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2021-44142",
    "datePublished": "2022-02-21T14:30:12.659Z",
    "dateReserved": "2021-11-22T00:00:00.000Z",
    "dateUpdated": "2025-04-23T19:02:19.767Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTFR-2022-AVI-091

Vulnerability from certfr_avis

Une vulnérabilité a été découverte dans Synology DiskStation Manager. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

DSM versions 6.2 antérieures à 6.2.4-25556-4

Les produits DSM versions 7.0, DSMUC versions 3.1, VS960HD et SRM versions 1.2 ne sont pas affectés par la vulnérabilité.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Synology SA_22_02 du 27 janvier 2022

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cul\u003e \u003cli\u003eDSM versions 6.2 ant\u00e9rieures \u00e0 6.2.4-25556-4\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eLes produits DSM versions 7.0, DSMUC versions 3.1, VS960HD et SRM versions 1.2 ne sont pas affect\u00e9s par la vuln\u00e9rabilit\u00e9.\u003c/p\u003e ",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-44142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44142"
    }
  ],
  "initial_release_date": "2022-01-31T00:00:00",
  "last_revision_date": "2022-04-06T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-091",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-01-31T00:00:00.000000"
    },
    {
      "description": "ajout r\u00e9f\u00e9rence CVE",
      "revision_date": "2022-04-06T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Synology DiskStation Manager.\nElle permet \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Synology DiskStation Manager",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Synology SA_22_02 du 27 janvier 2022",
      "url": "https://www.synology.com/fr-fr/security/advisory/Synology_SA_22_02"
    }
  ]
}

CERTFR-2022-AVI-459

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
IBM	WebSphere	Rational Software Architect Designer for WebSphere Software (RSAD4WS) versions 9.6 à 9.6.1.4 sans le correctif de sécurité Rational-RSA4WS-Java8SR7FP5_RAD_RSA-ifix
IBM	WebSphere	Rational Software Architect Designer for WebSphere Software (RSAD4WS) versions 9.7 à 9.7.0.3 ou 9.7.1 sans le correctif de sécurité Rational-RSA4WS-Java8SR7FP5_RAD_RSA-ifix
IBM	N/A	Rational Software Architect Designer (RSAD) versions 9.7 à 9.7.0.3 ou 9.7.1 sans le correctif de sécurité Rational-RSA-Java8SR7FP5_RAD_RSA-ifix
IBM	Spectrum	IBM Spectrum Scale versions 5.0.x.x antérieures à 5.0.5.14
IBM	WebSphere	WebSphere MQ V5.3 for HP NonStop Server (MIPS and Itanium) versions 5.3.1.x antérieures à 5.3.1.17
IBM	Spectrum	IBM Spectrum Scale versions 5.1.x.x antérieures à 5.1.3.1 ou 5.1.2.3
IBM	N/A	Rational Software Architect Designer (RSAD) versions 9.6 à 9.6.1.4 sans le correctif de sécurité Rational-RSA-Java8SR7FP5_RAD_RSA-ifix

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 6567133 du 12 mai 2022	None	vendor-advisory
Bulletin de sécurité IBM 6585724 du 12 mai 2022	None	vendor-advisory
Bulletin de sécurité IBM 6585728 du 12 mai 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Rational Software Architect Designer for WebSphere Software (RSAD4WS) versions 9.6 \u00e0 9.6.1.4 sans le correctif de s\u00e9curit\u00e9 Rational-RSA4WS-Java8SR7FP5_RAD_RSA-ifix",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Rational Software Architect Designer for WebSphere Software (RSAD4WS) versions 9.7 \u00e0 9.7.0.3 ou 9.7.1 sans le correctif de s\u00e9curit\u00e9 Rational-RSA4WS-Java8SR7FP5_RAD_RSA-ifix",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Rational Software Architect Designer (RSAD) versions 9.7 \u00e0 9.7.0.3 ou 9.7.1 sans le correctif de s\u00e9curit\u00e9 Rational-RSA-Java8SR7FP5_RAD_RSA-ifix",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Spectrum Scale versions 5.0.x.x ant\u00e9rieures \u00e0 5.0.5.14",
      "product": {
        "name": "Spectrum",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "WebSphere MQ V5.3 for HP NonStop Server (MIPS and Itanium) versions 5.3.1.x ant\u00e9rieures \u00e0 5.3.1.17",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Spectrum Scale versions 5.1.x.x ant\u00e9rieures \u00e0 5.1.3.1 ou 5.1.2.3",
      "product": {
        "name": "Spectrum",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Rational Software Architect Designer (RSAD) versions 9.6 \u00e0 9.6.1.4 sans le correctif de s\u00e9curit\u00e9 Rational-RSA-Java8SR7FP5_RAD_RSA-ifix",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-35586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
    },
    {
      "name": "CVE-2021-35559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
    },
    {
      "name": "CVE-2021-35565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
    },
    {
      "name": "CVE-2022-21365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
    },
    {
      "name": "CVE-2021-44142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44142"
    },
    {
      "name": "CVE-2021-41035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41035"
    },
    {
      "name": "CVE-2022-21294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
    },
    {
      "name": "CVE-2022-21341",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
    },
    {
      "name": "CVE-2022-0778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
    },
    {
      "name": "CVE-2021-35578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
    },
    {
      "name": "CVE-2022-21340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
    },
    {
      "name": "CVE-2022-21293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
    },
    {
      "name": "CVE-2022-21248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
    },
    {
      "name": "CVE-2021-35564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
    },
    {
      "name": "CVE-2022-21360",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
    }
  ],
  "initial_release_date": "2022-05-13T00:00:00",
  "last_revision_date": "2022-05-13T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-459",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-05-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6567133 du 12 mai 2022",
      "url": "https://www.ibm.com/support/pages/node/6567133"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6585724 du 12 mai 2022",
      "url": "https://www.ibm.com/support/pages/node/6585724"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6585728 du 12 mai 2022",
      "url": "https://www.ibm.com/support/pages/node/6585728"
    }
  ]
}

CERTFR-2022-AVI-120

Vulnerability from certfr_avis

Une vulnérabilité a été découverte dans Red Hat Gluster Storage Server. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Red Hat	N/A	Red Hat Gluster Storage Server for On-premise 3 for RHEL 7 x86_64
	Red Hat	N/A	Red Hat Gluster Storage Server for On-premise 3 for RHEL 8 x86_64

References

Title

Publication Time

Tags

Bulletin de sécurité Red Hat RHSA-2022:0457 du 07 février 2022	None	vendor-advisory
Avis de sécurité CERTFR-2022-AVI-096 du 01 février 2022	None	vendor-advisory
Bulletin de sécurité Red Hat RHSA-2022:0458 du 07 février 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Red Hat Gluster Storage Server for On-premise 3 for RHEL 7 x86_64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Gluster Storage Server for On-premise 3 for RHEL 8 x86_64",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-44142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44142"
    }
  ],
  "initial_release_date": "2022-02-08T00:00:00",
  "last_revision_date": "2022-02-08T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-120",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-02-08T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Red Hat Gluster Storage Server.\nElle permet \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Red Hat Gluster Storage Server",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2022:0457 du 07 f\u00e9vrier 2022",
      "url": "https://access.redhat.com/errata/RHSA-2022:0457"
    },
    {
      "published_at": null,
      "title": "Avis de s\u00e9curit\u00e9 CERTFR-2022-AVI-096 du 01 f\u00e9vrier 2022",
      "url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2022-AVI-096/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2022:0458 du 07 f\u00e9vrier 2022",
      "url": "https://access.redhat.com/errata/RHSA-2022:0458"
    }
  ]
}

CERTFR-2022-AVI-154

Vulnerability from certfr_avis

Une vulnérabilité a été découverte dans IBM IBM Integrated Analytics System. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

IBM Integrated Analytics System versions 1.0.0 à 1.0.27.0 sans le correctif 7.9.21.12.SP6

Le produit Samba est inclus dans IBM Integrated Analytics System.
La section Documentation liste l'avis et le bulletin émis par le CERT-FR qui concernent la vulnérabilité ayant l'identifiant CVE-2021-44142 et amenée par le composant Samba.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 6556742 du 16 février 2022	None	vendor-advisory
Bulletin CERT-FR du 07 février 2022	-	other
Avis CERT-FR du 01 février 2022	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cul\u003e \u003cli\u003eIBM Integrated Analytics System versions 1.0.0 \u00e0 1.0.27.0 sans le correctif 7.9.21.12.SP6\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eLe produit Samba est inclus dans IBM Integrated Analytics System.\u003cbr /\u003e La section Documentation liste l\u0027avis et le bulletin \u00e9mis par le CERT-FR qui concernent la vuln\u00e9rabilit\u00e9 ayant l\u0027identifiant CVE-2021-44142 et amen\u00e9e par le composant Samba.\u003c/p\u003e ",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-44142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44142"
    }
  ],
  "initial_release_date": "2022-02-16T00:00:00",
  "last_revision_date": "2022-02-16T00:00:00",
  "links": [
    {
      "title": "Bulletin CERT-FR du 07 f\u00e9vrier 2022",
      "url": "https://www.cert.ssi.gouv.fr/actualite/CERTFR-2022-ACT-005/"
    },
    {
      "title": "Avis CERT-FR du 01 f\u00e9vrier 2022",
      "url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2022-AVI-096/"
    }
  ],
  "reference": "CERTFR-2022-AVI-154",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-02-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans IBM IBM Integrated Analytics\nSystem. Elle permet \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans IBM Integrated Analytics System",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6556742 du 16 f\u00e9vrier 2022",
      "url": "https://www.ibm.com/support/pages/node/6556742"
    }
  ]
}

CERTFR-2022-AVI-096

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans Samba. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Samba	N/A	Samba versions antérieures à 4.14.12
Samba	N/A	Samba versions antérieures à 4.15.5
Samba	N/A	Samba versions antérieures à 4.13.17

References

Title

Publication Time

Tags

Bulletin de sécurité Samba CVE-2021-44141 du 31 janvier 2022	None	vendor-advisory
Bulletin de sécurité Samba CVE-2021-44142 du 31 janvier 2022	None	vendor-advisory
Bulletin de sécurité Samba CVE-2022-0336 du 31 janvier 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Samba versions ant\u00e9rieures \u00e0 4.14.12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Samba",
          "scada": false
        }
      }
    },
    {
      "description": "Samba versions ant\u00e9rieures \u00e0 4.15.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Samba",
          "scada": false
        }
      }
    },
    {
      "description": "Samba versions ant\u00e9rieures \u00e0 4.13.17",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Samba",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-44141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44141"
    },
    {
      "name": "CVE-2022-0336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0336"
    },
    {
      "name": "CVE-2021-44142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44142"
    }
  ],
  "initial_release_date": "2022-02-01T00:00:00",
  "last_revision_date": "2022-02-01T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-096",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-02-01T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Samba. Certaines\nd\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire \u00e0 distance, un d\u00e9ni de service et une atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Samba",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Samba CVE-2021-44141 du 31 janvier 2022",
      "url": "https://www.samba.org/samba/security/CVE-2021-44141.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Samba CVE-2021-44142 du 31 janvier 2022",
      "url": "https://www.samba.org/samba/security/CVE-2021-44142.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Samba CVE-2022-0336 du 31 janvier 2022",
      "url": "https://www.samba.org/samba/security/CVE-2022-0336.html"
    }
  ]
}

CERTFR-2022-AVI-324

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits QNAP. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Qnap	QTS	QTS versions 4.3.6.x antérieures à 4.3.6.1965 build 20220302
Qnap	QuTS hero	QuTS hero versions h5.x antérieures à h5.0.0.1986 build 20220324
Qnap	QuTS hero	QuTS hero versions h4.x antérieures à h4.5.4.1951 build 20220218
Qnap	QTS	QTS versions 4.3.4.x antérieures à 4.3.4.1976 build 20220303
Qnap	N/A	QuTScloud versions c5.0.x antérieures à c5.0.1.1949 (ne corrige pas CVE-2022-0847)
Qnap	QTS	QTS versions 4.3.3.x antérieures à 4.3.3.1945 build 20220303
Qnap	QTS	QTS versions 4.5.4.x antérieures à 4.5.4.1931 build 20220128
Qnap	QTS	QTS versions 5.0.x antérieures à 5.0.0.1986 build 20220324

References

Title

Publication Time

Tags

Bulletin de sécurité QNAP QSA-22-03 du 19 mars 2022	None	vendor-advisory
Bulletin de sécurité QNAP QSA-22-05 du 08 avril 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "QTS versions 4.3.6.x ant\u00e9rieures \u00e0 4.3.6.1965 build 20220302",
      "product": {
        "name": "QTS",
        "vendor": {
          "name": "Qnap",
          "scada": false
        }
      }
    },
    {
      "description": "QuTS hero versions h5.x ant\u00e9rieures \u00e0 h5.0.0.1986 build 20220324",
      "product": {
        "name": "QuTS hero",
        "vendor": {
          "name": "Qnap",
          "scada": false
        }
      }
    },
    {
      "description": "QuTS hero versions h4.x ant\u00e9rieures \u00e0 h4.5.4.1951 build 20220218",
      "product": {
        "name": "QuTS hero",
        "vendor": {
          "name": "Qnap",
          "scada": false
        }
      }
    },
    {
      "description": "QTS versions 4.3.4.x ant\u00e9rieures \u00e0 4.3.4.1976 build 20220303",
      "product": {
        "name": "QTS",
        "vendor": {
          "name": "Qnap",
          "scada": false
        }
      }
    },
    {
      "description": "QuTScloud versions c5.0.x ant\u00e9rieures \u00e0 c5.0.1.1949 (ne corrige pas CVE-2022-0847)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Qnap",
          "scada": false
        }
      }
    },
    {
      "description": "QTS versions 4.3.3.x ant\u00e9rieures \u00e0 4.3.3.1945 build 20220303",
      "product": {
        "name": "QTS",
        "vendor": {
          "name": "Qnap",
          "scada": false
        }
      }
    },
    {
      "description": "QTS versions 4.5.4.x ant\u00e9rieures \u00e0 4.5.4.1931 build 20220128",
      "product": {
        "name": "QTS",
        "vendor": {
          "name": "Qnap",
          "scada": false
        }
      }
    },
    {
      "description": "QTS versions 5.0.x ant\u00e9rieures \u00e0 5.0.0.1986 build 20220324",
      "product": {
        "name": "QTS",
        "vendor": {
          "name": "Qnap",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-44141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44141"
    },
    {
      "name": "CVE-2022-0847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0847"
    },
    {
      "name": "CVE-2022-0336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0336"
    },
    {
      "name": "CVE-2021-44142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44142"
    }
  ],
  "initial_release_date": "2022-04-08T00:00:00",
  "last_revision_date": "2022-04-08T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-324",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-04-08T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits QNAP.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un contournement de la\npolitique de s\u00e9curit\u00e9 et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits QNAP",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 QNAP QSA-22-03 du 19 mars 2022",
      "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-22-03"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 QNAP QSA-22-05 du 08 avril 2022",
      "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-22-05"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2021-44142 (GCVE-0-2021-44142)

Vulnerability from cvelistv5

CERTFR-2022-AVI-091

Vulnerability from certfr_avis

Solution

CERTFR-2022-AVI-459

Vulnerability from certfr_avis

Solution

CERTFR-2022-AVI-120

Vulnerability from certfr_avis

Solution

CERTFR-2022-AVI-154

Vulnerability from certfr_avis

Solution

CERTFR-2022-AVI-096

Vulnerability from certfr_avis

Solution

CERTFR-2022-AVI-324

Vulnerability from certfr_avis

Solution

Tags

Sightings

Nomenclature