CVE-2021-20208 vulnerability in Samba and Other Products
Published on April 19, 2021

A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity.

Vendor Advisory Vendor Advisory Vendor Advisory NVD

Weakness Type

Incorrect Privilege Assignment

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

Products Associated with CVE-2021-20208

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-20208 are published in these products:

Samba Cifs Utils

Red Hat Enterprise Linux (RHEL)

Fedora Project Fedora

Canonical Ubuntu Linux

Exploit Probability

EPSS

0.37%

Percentile

58.71%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-20208 vulnerability in Samba and Other ProductsPublished on April 19, 2021

Weakness Type

Incorrect Privilege Assignment

Products Associated with CVE-2021-20208

Exploit Probability

CVE-2021-20208 vulnerability in Samba and Other Products
Published on April 19, 2021