CVE-2013-0214

Source
https://nvd.nist.gov/vuln/detail/CVE-2013-0214
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2013-0214.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2013-0214
Related
Published
2013-02-02T20:55:03Z
Modified
2024-09-18T01:00:22Z
Summary
[none]
Details

Cross-site request forgery (CSRF) vulnerability in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to hijack the authentication of arbitrary users by leveraging knowledge of a password and composing requests that perform SWAT actions.

References

Affected packages

Debian:11 / samba

Package

Name
samba
Purl
pkg:deb/debian/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:3.6.6-5

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / samba

Package

Name
samba
Purl
pkg:deb/debian/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:3.6.6-5

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / samba

Package

Name
samba
Purl
pkg:deb/debian/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:3.6.6-5

Ecosystem specific

{
    "urgency": "not yet assigned"
}