Synology-SA-18:08 Samba
Publish Time: 2018-03-14 16:54:07 UTC+8
Last Updated: 2018-03-27 16:03:27 UTC+8
- Severity: Important
- Status: Resolved
Abstract
CVE-2018-1057 allows remote authenticated users to change other users' passwords via a susceptible version of Synology DiskStation Manager (DSM) with Active Directory Server installed.
Synology rates the overall severity as Important according to CVSS v3.0 metrics. However, the vulnerable functionality is disabled by default and there is no user interface to activate this option. Synology has therefore decided to postpone the fix until the upcoming update within the next 90 days.
Affected Products
Product | Severity | Fixed Release Availability |
---|---|---|
Active Directory Server | Important | Upgrade DSM 6.1 to 6.1.6-15266. |
Mitigation
If you need immediate assistance, please contact security@synology.com.
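The Affected Products table gives a single fixed release, so the practical check for an administrator is whether the installed DSM build is at or above 6.1.6-15266. The helper below is an added example for this advisory, not Synology code: it parses DSM-style version strings and compares them numerically, field by field, so that a build number such as 9999 is correctly treated as older than 15266 (a plain string comparison would get this wrong). The fixed release comes from the advisory; the installed version strings are constructed sample inputs, and the optional "DSM ... Update N" wrapping is an assumed format, not something the advisory states.

```python
"""Compare an installed DSM version against the release that ships the
CVE-2018-1057 fix for Active Directory Server (from the advisory above).

Added example; not Synology code. Installed-version samples are constructed.
"""
import re
from typing import Tuple

# Release named in the advisory's Affected Products table.
FIXED_RELEASE = "6.1.6-15266"

# Accepts "6.1.6-15266", "6.1", "DSM 6.1.6-15266 Update 1" (assumed format).
_VERSION_RE = re.compile(
    r"^(?:DSM\s+)?(\d+)\.(\d+)(?:\.(\d+))?(?:-(\d+))?(?:\s+Update\s+(\d+))?$"
)


def parse_version(version: str) -> Tuple[int, int, int, int, int]:
    """Parse 'MAJOR.MINOR[.PATCH][-BUILD][ Update N]' into an integer tuple.

    Integer tuples compare numerically, avoiding the classic mistake of
    comparing version strings as text, where '6.1.6-9999' would sort after
    '6.1.6-15266'. Missing patch, build or update fields count as 0.
    """
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    major, minor, patch, build, update = m.groups()
    return (int(major), int(minor), int(patch or 0), int(build or 0), int(update or 0))


def is_fixed(installed: str, fixed: str = FIXED_RELEASE) -> bool:
    """True when the installed DSM build is at or above the fixed release."""
    return parse_version(installed) >= parse_version(fixed)


def assess(installed: str) -> str:
    """One-line assessment of an installed version against the advisory."""
    if is_fixed(installed):
        return f"DSM {installed}: contains the fix for CVE-2018-1057"
    return (f"DSM {installed}: vulnerable if Active Directory Server is installed; "
            f"upgrade to {FIXED_RELEASE}")


if __name__ == "__main__":
    # Constructed sample inputs, not real inventory data.
    for sample in ["6.1.5-15254", "6.1.6-9999", "6.1.6-15266", "DSM 6.1.6-15266 Update 1"]:
        print(assess(sample))
```

Feed `assess()` the version string shown in DSM's control panel (or collected by your inventory tooling); only hosts with Active Directory Server installed are in scope, as the advisory notes.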
Detail
- CVE-2018-1057
- Severity: Important
- CVSS3 Base Score: 7.5
- CVSS3 Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/RL:T
- On a Samba 4 AD DC, the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP, allowing authenticated users to change any other user's password, including those of administrative users and privileged service accounts (e.g. Domain Controllers).
Reference
- https://www.samba.org/samba/security/CVE-2018-1057.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1057
Revision
Revision | Date | Description |
---|---|---|
1 | 2018-03-14 | Initial public release. |
2 | 2018-03-27 | Update for Active Directory Server is now available in Affected Products. |