CVE-2022-3592

A symlink following vulnerability was found in Samba, where a user can create a symbolic link that will make 'smbd' escape the configured share path. This flaw allows a remote user with access to the exported part of the file system under a share via SMB1 unix extensions or NFS to create symlinks to files outside the 'smbd' configured share path and gain access to another restricted server's filesystem.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*

Information

Published : 2023-01-12 07:15

Updated : 2023-01-19 23:59


NVD link : CVE-2022-3592

Mitre link : CVE-2022-3592


JSON object : View

CWE
CWE-61

UNIX Symbolic Link (Symlink) Following

Advertisement

dedicated server usa

Products Affected

fedoraproject

  • fedora

samba

  • samba