{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Samba ist eine Open Source Software Suite, die Druck- und Dateidienste f\u00fcr SMB/CIFS Clients implementiert.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Samba ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Dateien zu manipulieren oder vertrauliche Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- UNIX",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-2620 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2620.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-2620 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2620"
      },
      {
        "category": "external",
        "summary": "QNAP Security Advisory QSA-23-20 vom 2023-12-08",
        "url": "https://www.qnap.com/de-de/security-advisory/QSA-23-20"
      },
      {
        "category": "external",
        "summary": "Gentoo Linux Security Advisory GLSA-202402-28 vom 2024-02-19",
        "url": "https://security.gentoo.org/glsa/202402-28"
      },
      {
        "category": "external",
        "summary": "Samba release notes 4.19.1 vom 2023-10-10",
        "url": "https://www.samba.org/samba/history/samba-4.19.1.html"
      },
      {
        "category": "external",
        "summary": "Samba release notes 4.18.8 vom 2023-10-10",
        "url": "https://www.samba.org/samba/history/samba-4.18.8.html"
      },
      {
        "category": "external",
        "summary": "Samba release notes 4.17.12 vom 2023-10-10",
        "url": "https://www.samba.org/samba/history/samba-4.17.12.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6425-1 vom 2023-10-10",
        "url": "https://ubuntu.com/security/notices/USN-6425-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2023:4040-1 vom 2023-10-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-October/016619.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2023:4046-1 vom 2023-10-11",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-October/016626.html"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2023-99444E494B vom 2023-10-11",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-99444e494b"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6425-2 vom 2023-10-11",
        "url": "https://ubuntu.com/security/notices/USN-6425-2"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5525 vom 2023-10-12",
        "url": "https://www.debian.org/security/2023/dsa-5525"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2023-FFF0C857D6 vom 2023-10-11",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-fff0c857d6"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2023-7EB8CBF1A5 vom 2023-10-11",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-7eb8cbf1a5"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2023:4059-1 vom 2023-10-13",
        "url": "https://www.suse.com/support/update/announcement/2023/suse-su-20234059-1/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2023:4096-1 vom 2023-10-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-October/016714.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6425-3 vom 2023-10-17",
        "url": "https://ubuntu.com/security/notices/USN-6425-3"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:6209 vom 2023-10-31",
        "url": "https://access.redhat.com/errata/RHSA-2023:6209"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:6744 vom 2023-11-07",
        "url": "https://access.redhat.com/errata/RHSA-2023:6744"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2023-6744 vom 2023-11-16",
        "url": "https://linux.oracle.com/errata/ELSA-2023-6744.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7408 vom 2023-11-21",
        "url": "https://access.redhat.com/errata/RHSA-2023:7408"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7371 vom 2023-11-21",
        "url": "https://access.redhat.com/errata/RHSA-2023:7371"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7464 vom 2023-11-23",
        "url": "https://access.redhat.com/errata/RHSA-2023:7464"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7467 vom 2023-11-23",
        "url": "https://access.redhat.com/errata/RHSA-2023:7467"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2023-7467 vom 2023-11-27",
        "url": "https://linux.oracle.com/errata/ELSA-2023-7467.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2023-2367 vom 2023-12-05",
        "url": "https://alas.aws.amazon.com/AL2/ALAS-2023-2367.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2023-1896 vom 2023-12-05",
        "url": "https://www.cybersecurity-help.cz/vdb/SB2023120539"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5647 vom 2024-03-24",
        "url": "https://lists.debian.org/debian-security-announce/2024/msg00055.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7145367 vom 2024-03-27",
        "url": "https://www.ibm.com/support/pages/node/7145367"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7148094 vom 2024-04-11",
        "url": "https://www.ibm.com/support/pages/node/7148094"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3792 vom 2024-04-22",
        "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Samba: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-04-22T22:00:00.000+00:00",
      "generator": {
        "date": "2024-04-23T08:03:44.961+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.0"
        }
      },
      "id": "WID-SEC-W-2023-2620",
      "initial_release_date": "2023-10-10T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-10-10T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2023-10-11T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Fedora, Ubuntu und Debian aufgenommen"
        },
        {
          "date": "2023-10-12T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2023-10-17T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE und Ubuntu aufgenommen"
        },
        {
          "date": "2023-10-31T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2023-11-07T23:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2023-11-16T23:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2023-11-21T23:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2023-11-22T23:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2023-11-27T23:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2023-12-04T23:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2023-12-05T23:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2023-12-10T23:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von QNAP aufgenommen"
        },
        {
          "date": "2024-02-18T23:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Gentoo aufgenommen"
        },
        {
          "date": "2024-03-24T23:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-03-27T23:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-04-11T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-04-22T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von Debian aufgenommen"
        }
      ],
      "status": "final",
      "version": "18"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Fedora Linux",
            "product": {
              "name": "Fedora Linux",
              "product_id": "74185",
              "product_identification_helper": {
                "cpe": "cpe:/o:fedoraproject:fedora:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Fedora"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Gentoo Linux",
            "product": {
              "name": "Gentoo Linux",
              "product_id": "T012167",
              "product_identification_helper": {
                "cpe": "cpe:/o:gentoo:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Gentoo"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "7.5",
                "product": {
                  "name": "IBM QRadar SIEM 7.5",
                  "product_id": "T022954",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:qradar_siem:7.5"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.5.0 UP8",
                "product": {
                  "name": "IBM QRadar SIEM \u003c7.5.0 UP8",
                  "product_id": "T033681",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up8"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "QRadar SIEM"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c4.19.1",
                "product": {
                  "name": "Open Source Samba \u003c4.19.1",
                  "product_id": "T030418",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:samba:samba:4.19.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c4.18.8",
                "product": {
                  "name": "Open Source Samba \u003c4.18.8",
                  "product_id": "T030419",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:samba:samba:4.18.8"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c4.17.12",
                "product": {
                  "name": "Open Source Samba \u003c4.17.12",
                  "product_id": "T030420",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:samba:samba:4.17.12"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Samba"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "QNAP NAS",
            "product": {
              "name": "QNAP NAS",
              "product_id": "T017100",
              "product_identification_helper": {
                "cpe": "cpe:/h:qnap:nas:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "QNAP"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-3961",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Samba. Dieser Fehler existiert im smbd, der Client-Zugriff auf Unix-Domain-Sockets im Dateisystem erlaubt. Ein entfernter Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T022954",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033681",
          "398363",
          "T012167",
          "T004914",
          "74185",
          "T017100"
        ]
      },
      "release_date": "2023-10-10T22:00:00Z",
      "title": "CVE-2023-3961"
    },
    {
      "cve": "CVE-2023-4091",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Samba. Dieser Fehler besteht in der SMB-Komponente, die es Benutzern erm\u00f6glicht, Dateien auf 0 Bytes abzuschneiden, indem sie Dateien mit OVERWRITE-Verf\u00fcgung \u00f6ffnen, wenn sie das Samba-VFS-Modul acl_xattr verwenden. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um Dateien zu manipulieren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T022954",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033681",
          "398363",
          "T012167",
          "T004914",
          "74185",
          "T017100"
        ]
      },
      "release_date": "2023-10-10T22:00:00Z",
      "title": "CVE-2023-4091"
    },
    {
      "cve": "CVE-2023-4154",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Samba. Dieser Fehler besteht, weil ein RODC oder ein Benutzer mit den GET_CHANGES-Rechten alle Attribute, einschlie\u00dflich Geheimnisse und Passw\u00f6rter, einsehen kann. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T022954",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033681",
          "398363",
          "T012167",
          "T004914",
          "74185",
          "T017100"
        ]
      },
      "release_date": "2023-10-10T22:00:00Z",
      "title": "CVE-2023-4154"
    },
    {
      "cve": "CVE-2023-42669",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Samba. Dieser Fehler besteht im \"rpcecho\"-Entwicklungsserver aufgrund einer unsachgem\u00e4\u00dfen Einschr\u00e4nkung der bereitgestellten \"worker\". Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T022954",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033681",
          "398363",
          "T012167",
          "T004914",
          "74185",
          "T017100"
        ]
      },
      "release_date": "2023-10-10T22:00:00Z",
      "title": "CVE-2023-42669"
    },
    {
      "cve": "CVE-2023-42670",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Samba. Dieser Fehler besteht im AD DC, der den Start mehrerer inkompatibler RPC-Listener erzwingen kann, was zu einer Unterbrechung des Dienstes f\u00fchrt. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T022954",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T033681",
          "398363",
          "T012167",
          "T004914",
          "74185",
          "T017100"
        ]
      },
      "release_date": "2023-10-10T22:00:00Z",
      "title": "CVE-2023-42670"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "SolarWinds Security Event Manager ist eine L\u00f6sung zur Analyse von Protokolldaten.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer oder authentifizierter Angreifer kann mehrere Schwachstellen in SolarWinds Security Event Manager ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- UNIX\n- Linux\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0523 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0523.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0523 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0523"
      },
      {
        "category": "external",
        "summary": "Github Security Advisory vom 2024-02-29",
        "url": "https://github.com/advisories/GHSA-3fj5-f9x9-2hvx"
      },
      {
        "category": "external",
        "summary": "Solarwinds Release Notes vom 2024-02-29",
        "url": "https://documentation.solarwinds.com/en/success_center/sem/content/release_notes/sem_2023-4-1_release_notes.htm"
      }
    ],
    "source_lang": "en-US",
    "title": "SolarWinds Security Event Manager: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-02-29T23:00:00.000+00:00",
      "generator": {
        "date": "2024-03-01T12:35:55.234+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.0"
        }
      },
      "id": "WID-SEC-W-2024-0523",
      "initial_release_date": "2024-02-29T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-02-29T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c 2023.4.1",
                "product": {
                  "name": "SolarWinds Security Event Manager \u003c 2023.4.1",
                  "product_id": "T033207",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:solarwinds:security_event_manager:2023.4.1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Security Event Manager"
          }
        ],
        "category": "vendor",
        "name": "SolarWinds"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-0692",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in SolarWinds Security Event Manager. Ein entfernter, anonymer Angreifer aus dem lokalen Netzwerk kann diese Schwachstelle zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "release_date": "2024-02-29T23:00:00Z",
      "title": "CVE-2024-0692"
    },
    {
      "cve": "CVE-2023-48795",
      "notes": [
        {
          "category": "description",
          "text": "Im SolarWinds Security Event Manager gibt es mehrere Schwachstellen in Third Party Applications. Die Schwachstellen bestehen in den Komponenten Samba und SSH aufgrund eines m\u00f6glichen Terrapin-Angriffs, einer Pfadumgehung, einer defekten Zugriffskontrolle und St\u00f6rungen im AD DC-Dienst. Ein anonymer oder authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen und vertrauliche Informationen offenzulegen."
        }
      ],
      "release_date": "2024-02-29T23:00:00Z",
      "title": "CVE-2023-48795"
    },
    {
      "cve": "CVE-2023-42670",
      "notes": [
        {
          "category": "description",
          "text": "Im SolarWinds Security Event Manager gibt es mehrere Schwachstellen in Third Party Applications. Die Schwachstellen bestehen in den Komponenten Samba und SSH aufgrund eines m\u00f6glichen Terrapin-Angriffs, einer Pfadumgehung, einer defekten Zugriffskontrolle und St\u00f6rungen im AD DC-Dienst. Ein anonymer oder authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen und vertrauliche Informationen offenzulegen."
        }
      ],
      "release_date": "2024-02-29T23:00:00Z",
      "title": "CVE-2023-42670"
    },
    {
      "cve": "CVE-2023-4154",
      "notes": [
        {
          "category": "description",
          "text": "Im SolarWinds Security Event Manager gibt es mehrere Schwachstellen in Third Party Applications. Die Schwachstellen bestehen in den Komponenten Samba und SSH aufgrund eines m\u00f6glichen Terrapin-Angriffs, einer Pfadumgehung, einer defekten Zugriffskontrolle und St\u00f6rungen im AD DC-Dienst. Ein anonymer oder authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen und vertrauliche Informationen offenzulegen."
        }
      ],
      "release_date": "2024-02-29T23:00:00Z",
      "title": "CVE-2023-4154"
    },
    {
      "cve": "CVE-2023-3961",
      "notes": [
        {
          "category": "description",
          "text": "Im SolarWinds Security Event Manager gibt es mehrere Schwachstellen in Third Party Applications. Die Schwachstellen bestehen in den Komponenten Samba und SSH aufgrund eines m\u00f6glichen Terrapin-Angriffs, einer Pfadumgehung, einer defekten Zugriffskontrolle und St\u00f6rungen im AD DC-Dienst. Ein anonymer oder authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen und vertrauliche Informationen offenzulegen."
        }
      ],
      "release_date": "2024-02-29T23:00:00Z",
      "title": "CVE-2023-3961"
    }
  ]
}

{
  "GSD": {
    "alias": "CVE-2023-42670",
    "id": "GSD-2023-42670"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-42670"
      ],
      "details": "A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba\u0027s RPC server experiences a high load or unresponsiveness, servers intended for non-AD DC purposes (for example, NT4-emulation \"classic DCs\") can erroneously start and compete for the same unix domain sockets. This issue leads to partial query responses from the AD DC, causing issues such as \"The procedure number is out of range\" when using tools like Active Directory Users. This flaw allows an attacker to disrupt AD DC services.",
      "id": "GSD-2023-42670",
      "modified": "2023-12-13T01:20:21.499229Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2023-42670",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "samba",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "versions": [
                              {
                                "status": "unaffected",
                                "version": "4.19.1"
                              },
                              {
                                "status": "unaffected",
                                "version": "4.18.8"
                              },
                              {
                                "status": "unaffected",
                                "version": "4.17.12"
                              }
                            ]
                          }
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            },
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Red Hat Enterprise Linux 6",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "defaultStatus": "unaffected"
                          }
                        },
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "defaultStatus": "unaffected"
                          }
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Red Hat Enterprise Linux 7",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "defaultStatus": "unaffected"
                          }
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Red Hat Enterprise Linux 8",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "defaultStatus": "unaffected"
                          }
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Red Hat Enterprise Linux 9",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "defaultStatus": "unaffected"
                          }
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Red Hat Storage 3",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "defaultStatus": "unaffected"
                          }
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Red Hat"
            },
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Fedora",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "defaultStatus": "affected"
                          }
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Fedora"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba\u0027s RPC server experiences a high load or unresponsiveness, servers intended for non-AD DC purposes (for example, NT4-emulation \"classic DCs\") can erroneously start and compete for the same unix domain sockets. This issue leads to partial query responses from the AD DC, causing issues such as \"The procedure number is out of range\" when using tools like Active Directory Users. This flaw allows an attacker to disrupt AD DC services."
          }
        ]
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-400",
                "lang": "eng",
                "value": "Uncontrolled Resource Consumption"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://access.redhat.com/security/cve/CVE-2023-42670",
            "refsource": "MISC",
            "url": "https://access.redhat.com/security/cve/CVE-2023-42670"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2241885",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241885"
          },
          {
            "name": "https://bugzilla.samba.org/show_bug.cgi?id=15473",
            "refsource": "MISC",
            "url": "https://bugzilla.samba.org/show_bug.cgi?id=15473"
          },
          {
            "name": "https://www.samba.org/samba/security/CVE-2023-42670.html",
            "refsource": "MISC",
            "url": "https://www.samba.org/samba/security/CVE-2023-42670.html"
          },
          {
            "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZUMVALLFFDFC53JZMUWA6HPD7HUGAP5I/",
            "refsource": "MISC",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZUMVALLFFDFC53JZMUWA6HPD7HUGAP5I/"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20231124-0002/",
            "refsource": "MISC",
            "url": "https://security.netapp.com/advisory/ntap-20231124-0002/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.19.1",
                "versionStartIncluding": "4.19.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.18.8",
                "versionStartIncluding": "4.18.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.17.12",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2023-42670"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba\u0027s RPC server experiences a high load or unresponsiveness, servers intended for non-AD DC purposes (for example, NT4-emulation \"classic DCs\") can erroneously start and compete for the same unix domain sockets. This issue leads to partial query responses from the AD DC, causing issues such as \"The procedure number is out of range\" when using tools like Active Directory Users. This flaw allows an attacker to disrupt AD DC services."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2241885",
              "refsource": "MISC",
              "tags": [
                "Issue Tracking"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241885"
            },
            {
              "name": "https://www.samba.org/samba/security/CVE-2023-42670.html",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.samba.org/samba/security/CVE-2023-42670.html"
            },
            {
              "name": "https://bugzilla.samba.org/show_bug.cgi?id=15473",
              "refsource": "MISC",
              "tags": [
                "Issue Tracking"
              ],
              "url": "https://bugzilla.samba.org/show_bug.cgi?id=15473"
            },
            {
              "name": "https://access.redhat.com/security/cve/CVE-2023-42670",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-42670"
            },
            {
              "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZUMVALLFFDFC53JZMUWA6HPD7HUGAP5I/",
              "refsource": "MISC",
              "tags": [
                "Mailing List"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZUMVALLFFDFC53JZMUWA6HPD7HUGAP5I/"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20231124-0002/",
              "refsource": "",
              "tags": [],
              "url": "https://security.netapp.com/advisory/ntap-20231124-0002/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2023-11-24T09:15Z",
      "publishedDate": "2023-11-03T08:15Z"
    }
  }
}

{
  "affected": [],
  "aliases": [
    "CVE-2023-42670"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-11-03T08:15:07Z",
    "severity": "MODERATE"
  },
  "details": "A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba\u0027s RPC server experiences a high load or unresponsiveness, servers intended for non-AD DC purposes (for example, NT4-emulation \"classic DCs\") can erroneously start and compete for the same unix domain sockets. This issue leads to partial query responses from the AD DC, causing issues such as \"The procedure number is out of range\" when using tools like Active Directory Users. This flaw allows an attacker to disrupt AD DC services.",
  "id": "GHSA-5qvm-gfmw-9v64",
  "modified": "2023-11-03T09:32:49Z",
  "published": "2023-11-03T09:32:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42670"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2023-42670"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241885"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.samba.org/show_bug.cgi?id=15473"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZUMVALLFFDFC53JZMUWA6HPD7HUGAP5I"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20231124-0002"
    },
    {
      "type": "WEB",
      "url": "https://www.samba.org/samba/security/CVE-2023-42670.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}