Samba Vulnerability CVE-2021-44142

1 Minute to read

Print
Share
Dark
Light
PDF

Article Summary

Share feedback

Thanks for sharing your feedback!

Vulnerability Description

CVE-2021-44142 is a privilege escalation vulnerability that allows remote attackers to execute arbitrary code on affected installations of Samba. Access as a user that has write access to a file's extended attributes is required to exploit this vulnerability.

Vulnerability Details

Publication Date: Jan 31 2022

Vulnerability Link: Samba - Security Announcement Archive

NVD CVSS Score: 9.9

Affected CTERA Products

CTERA Edge Filer (All versions)

Analysis

This vulnerability is considered critical, as a logged in user that has write access to a file's extended attributes may execute arbitrary code .

CTERA products other than CTERA Edge Filers are not affected.

Workaround

No workaround is available

Permanent Solution

CTERA Edge Filer 7.0.1783.28, contains a fix for this issue. Customers who have not upgraded to this or a higher version are advised to schedule a short maintenance window for installing this patch version on their filers.

Vulnerability Remediation

Was this article helpful?

What's Next

Security Vulnerability CVE-2021-4034 (Polkit (Pwnkit))

Table of contents

Vulnerability Description
Vulnerability Details
Affected CTERA Products
Related Articles