CVE-2023-0225

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-0225

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-0225.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-0225

Downstream

ALPINE-CVE-2023-0225

DEBIAN-CVE-2023-0225

OESA-2023-1233

SUSE-SU-2023:1687-1

SUSE-SU-2023:1689-1

UBUNTU-CVE-2023-0225

openSUSE-SU-2024:12831-1

Related

Published

2023-04-03T23:15:06Z

Modified

2025-10-10T04:22:15.824057Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory.

References

Affected packages

Git / github.com/samba-team/samba

Affected ranges

Type: GIT
Repo: https://github.com/samba-team/samba
Events: Introduced

fbec737d9d3d992b54f52defcba62a304efef8f7

Fixed

2761e60b563891ab2a382d519b3884f31f6f541d

Affected versions

ldb-2.*

ldb-2.6.2

samba-4.*

samba-4.17.0

samba-4.17.1

samba-4.17.2

samba-4.17.3

samba-4.17.4

samba-4.17.5

samba-4.17.6