VOOZH about

URL: https://nvd.nist.gov/vuln/detail/CVE-2016-2118

⇱ NVD - CVE-2016-2118


  1. Vulnerabilities

CVE-2016-2118 Detail

Modified After Enrichment

This CVE record has been updated after NVD enrichment efforts were completed. Enrichment data supplied by the NVD may require amendment due to these changes.

Description

The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK."


Metrics

 
NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL Source(s) Tag(s)
http://badlock.org/ CVE, Inc., Red Hat Technical Description  Third Party Advisory 
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182185.html CVE, Inc., Red Hat Mailing List  Third Party Advisory 
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182272.html CVE, Inc., Red Hat Mailing List  Third Party Advisory 
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182288.html CVE, Inc., Red Hat Mailing List  Third Party Advisory 
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00020.html CVE, Inc., Red Hat Mailing List  Third Party Advisory 
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00021.html CVE, Inc., Red Hat Mailing List  Third Party Advisory 
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00022.html CVE, Inc., Red Hat Mailing List  Third Party Advisory 
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00023.html CVE, Inc., Red Hat Mailing List  Third Party Advisory 
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00024.html CVE, Inc., Red Hat Mailing List  Third Party Advisory 
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html CVE, Inc., Red Hat Mailing List  Third Party Advisory 
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html CVE, Inc., Red Hat Mailing List  Third Party Advisory 
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html CVE, Inc., Red Hat Mailing List  Third Party Advisory 
http://rhn.redhat.com/errata/RHSA-2016-0611.html CVE, Inc., Red Hat Third Party Advisory 
http://rhn.redhat.com/errata/RHSA-2016-0612.html CVE, Inc., Red Hat Third Party Advisory 
http://rhn.redhat.com/errata/RHSA-2016-0613.html CVE, Inc., Red Hat Third Party Advisory 
http://rhn.redhat.com/errata/RHSA-2016-0614.html CVE, Inc., Red Hat Third Party Advisory 
http://rhn.redhat.com/errata/RHSA-2016-0618.html CVE, Inc., Red Hat Third Party Advisory 
http://rhn.redhat.com/errata/RHSA-2016-0619.html CVE, Inc., Red Hat Third Party Advisory 
http://rhn.redhat.com/errata/RHSA-2016-0620.html CVE, Inc., Red Hat Third Party Advisory 
http://rhn.redhat.com/errata/RHSA-2016-0621.html CVE, Inc., Red Hat Third Party Advisory 
http://rhn.redhat.com/errata/RHSA-2016-0623.html CVE, Inc., Red Hat Third Party Advisory 
http://rhn.redhat.com/errata/RHSA-2016-0624.html CVE, Inc., Red Hat Third Party Advisory 
http://rhn.redhat.com/errata/RHSA-2016-0625.html CVE, Inc., Red Hat Third Party Advisory 
http://www.debian.org/security/2016/dsa-3548 CVE, Inc., Red Hat Third Party Advisory 
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html CVE, Inc., Red Hat Third Party Advisory 
http://www.securityfocus.com/bid/86002 CVE, Inc., Red Hat Third Party Advisory  VDB Entry 
http://www.securitytracker.com/id/1035533 CVE, Inc., Red Hat Third Party Advisory  VDB Entry 
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.458012 CVE, Inc., Red Hat Mailing List  Third Party Advisory 
http://www.ubuntu.com/usn/USN-2950-1 CVE, Inc., Red Hat Third Party Advisory 
http://www.ubuntu.com/usn/USN-2950-2 CVE, Inc., Red Hat Third Party Advisory 
http://www.ubuntu.com/usn/USN-2950-3 CVE, Inc., Red Hat Third Party Advisory 
http://www.ubuntu.com/usn/USN-2950-4 CVE, Inc., Red Hat Third Party Advisory 
http://www.ubuntu.com/usn/USN-2950-5 CVE, Inc., Red Hat Third Party Advisory 
https://access.redhat.com/security/vulnerabilities/badlock CVE, Inc., Red Hat Third Party Advisory 
https://bto.bluecoat.com/security-advisory/sa122 CVE, Inc., Red Hat Third Party Advisory 
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05162399 CVE, Inc., Red Hat Third Party Advisory 
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05166182 CVE, Inc., Red Hat Third Party Advisory 
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes CVE, Inc., Red Hat Third Party Advisory 
https://kb.netapp.com/support/s/article/ka51A0000008SXzQAM/smb-vulnerabilities-in-multiple-netapp-products CVE, Inc., Red Hat Third Party Advisory 
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40196 CVE, Inc., Red Hat Third Party Advisory 
https://security.gentoo.org/glsa/201612-47 CVE, Inc., Red Hat Third Party Advisory 
https://www.kb.cert.org/vuls/id/813296 CVE, Inc., Red Hat Third Party Advisory  US Government Resource 
https://www.samba.org/samba/history/samba-4.2.10.html CVE, Inc., Red Hat Third Party Advisory 
https://www.samba.org/samba/latest_news.html#4.4.2 CVE, Inc., Red Hat Vendor Advisory 
https://www.samba.org/samba/security/CVE-2016-2118.html CVE, Inc., Red Hat Vendor Advisory 

Weakness Enumeration

CWE-ID CWE Name Source
CWE-254 7PK - Security Features πŸ‘ cwe source acceptance level
NIST  

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

20 change records found show changes

CVE Modified by Red Hat, Inc. 6/16/2026 8:43:29 PM

Action Type Old Value New Value
Added Affected
[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]


CVE Status Change 5/06/2026 6:30:45 PM

Action Type Old Value New Value

CVE Modified by CVE 11/20/2024 9:47:52 PM

Action Type Old Value New Value
Added Reference
http://badlock.org/


Added Reference
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182185.html


Added Reference
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182272.html


Added Reference
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182288.html


Added Reference
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00020.html


Added Reference
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00021.html


Added Reference
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00022.html


Added Reference
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00023.html


Added Reference
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00024.html


Added Reference
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html


Added Reference
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html


Added Reference
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html


Added Reference
http://rhn.redhat.com/errata/RHSA-2016-0611.html


Added Reference
http://rhn.redhat.com/errata/RHSA-2016-0612.html


Added Reference
http://rhn.redhat.com/errata/RHSA-2016-0613.html


Added Reference
http://rhn.redhat.com/errata/RHSA-2016-0614.html


Added Reference
http://rhn.redhat.com/errata/RHSA-2016-0618.html


Added Reference
http://rhn.redhat.com/errata/RHSA-2016-0619.html


Added Reference
http://rhn.redhat.com/errata/RHSA-2016-0620.html


Added Reference
http://rhn.redhat.com/errata/RHSA-2016-0621.html


Added Reference
http://rhn.redhat.com/errata/RHSA-2016-0623.html


Added Reference
http://rhn.redhat.com/errata/RHSA-2016-0624.html


Added Reference
http://rhn.redhat.com/errata/RHSA-2016-0625.html


Added Reference
http://www.debian.org/security/2016/dsa-3548


Added Reference
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html


Added Reference
http://www.securityfocus.com/bid/86002


Added Reference
http://www.securitytracker.com/id/1035533


Added Reference
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.458012


Added Reference
http://www.ubuntu.com/usn/USN-2950-1


Added Reference
http://www.ubuntu.com/usn/USN-2950-2


Added Reference
http://www.ubuntu.com/usn/USN-2950-3


Added Reference
http://www.ubuntu.com/usn/USN-2950-4


Added Reference
http://www.ubuntu.com/usn/USN-2950-5


Added Reference
https://access.redhat.com/security/vulnerabilities/badlock


Added Reference
https://bto.bluecoat.com/security-advisory/sa122


Added Reference
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05162399


Added Reference
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05166182


Added Reference
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes


Added Reference
https://kb.netapp.com/support/s/article/ka51A0000008SXzQAM/smb-vulnerabilities-in-multiple-netapp-products


Added Reference
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40196


Added Reference
https://security.gentoo.org/glsa/201612-47


Added Reference
https://www.kb.cert.org/vuls/id/813296


Added Reference
https://www.samba.org/samba/history/samba-4.2.10.html


Added Reference
https://www.samba.org/samba/latest_news.html#4.4.2


Added Reference
https://www.samba.org/samba/security/CVE-2016-2118.html


CVE Modified by Red Hat, Inc. 5/13/2024 11:54:21 PM

Action Type Old Value New Value

Reanalysis by NIST 8/29/2022 4:20:17 PM

Action Type Old Value New Value
Changed CPE Configuration Record truncated, showing 2048 of 12234 characters.
View Entire Change Record
OR
 *cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.2:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.2:a:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.2a:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.3:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.4:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.4:rc1:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.5:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.7:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.8:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.9:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.10:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.11:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.12:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.13:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.14:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.14:a:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.14a:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.15:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.16:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.17:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.18:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.19:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.20:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.20:a:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.20:b:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.20a:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.20b:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.21:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.21:a:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.21:b:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.21:c:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.21a:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.21b:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.21c:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.22:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.23:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.23:a:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.23:b:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:3.0.23:c:*:*
OR
 *cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:* versions from (including) 3.6.0 up to (excluding) 4.2.10
 *cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:* versions from (including) 4.3.0 up to (excluding) 4.3.7
 *cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:* versions from (including) 4.4.0 up to (excluding) 4.4.1


Changed CPE Configuration
OR
 *cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
 *cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
 *cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*


OR
 *cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
 *cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
 *cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
 *cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
 *cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
 *cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*


Added CPE Configuration
OR
 *cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
 *cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*


Changed Reference Type
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182185.html Third Party Advisory


http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182185.html Mailing List, Third Party Advisory


Changed Reference Type
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182272.html Third Party Advisory


http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182272.html Mailing List, Third Party Advisory


Changed Reference Type
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182288.html Third Party Advisory


http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182288.html Mailing List, Third Party Advisory


Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00020.html Third Party Advisory


http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00020.html Mailing List, Third Party Advisory


Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00021.html Third Party Advisory


http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00021.html Mailing List, Third Party Advisory


Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00022.html Third Party Advisory


http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00022.html Mailing List, Third Party Advisory


Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00023.html Third Party Advisory


http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00023.html Mailing List, Third Party Advisory


Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00024.html Third Party Advisory


http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00024.html Mailing List, Third Party Advisory


Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html Third Party Advisory


http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html Mailing List, Third Party Advisory


Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html Third Party Advisory


http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html Mailing List, Third Party Advisory


Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html Third Party Advisory


http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html Mailing List, Third Party Advisory


Changed Reference Type
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.458012 Third Party Advisory


http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.458012 Mailing List, Third Party Advisory


Changed Reference Type
https://www.samba.org/samba/latest_news.html#4.4.2 Third Party Advisory


https://www.samba.org/samba/latest_news.html#4.4.2 Vendor Advisory


Removed CVSS V2 Metadata
Victim must voluntarily interact with attack mechanism


Modified Analysis by NIST 9/27/2019 1:17:37 PM

Action Type Old Value New Value
Added CVSS V3.1
NIST AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H


Removed CVSS V3
NIST AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H


Changed Reference Type
http://badlock.org/ No Types Assigned


http://badlock.org/ Technical Description, Third Party Advisory


Changed Reference Type
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182185.html No Types Assigned


http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182185.html Third Party Advisory


Changed Reference Type
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182272.html No Types Assigned


http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182272.html Third Party Advisory


Changed Reference Type
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182288.html No Types Assigned


http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182288.html Third Party Advisory


Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00020.html No Types Assigned


http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00020.html Third Party Advisory


Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00021.html No Types Assigned


http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00021.html Third Party Advisory


Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00022.html No Types Assigned


http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00022.html Third Party Advisory


Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00023.html No Types Assigned


http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00023.html Third Party Advisory


Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00024.html No Types Assigned


http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00024.html Third Party Advisory


Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html No Types Assigned


http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html Third Party Advisory


Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html No Types Assigned


http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html Third Party Advisory


Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html No Types Assigned


http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html Third Party Advisory


Changed Reference Type
http://rhn.redhat.com/errata/RHSA-2016-0611.html No Types Assigned


http://rhn.redhat.com/errata/RHSA-2016-0611.html Third Party Advisory


Changed Reference Type
http://rhn.redhat.com/errata/RHSA-2016-0612.html No Types Assigned


http://rhn.redhat.com/errata/RHSA-2016-0612.html Third Party Advisory


Changed Reference Type
http://rhn.redhat.com/errata/RHSA-2016-0613.html No Types Assigned


http://rhn.redhat.com/errata/RHSA-2016-0613.html Third Party Advisory


Changed Reference Type
http://rhn.redhat.com/errata/RHSA-2016-0614.html No Types Assigned


http://rhn.redhat.com/errata/RHSA-2016-0614.html Third Party Advisory


Changed Reference Type
http://rhn.redhat.com/errata/RHSA-2016-0618.html No Types Assigned


http://rhn.redhat.com/errata/RHSA-2016-0618.html Third Party Advisory


Changed Reference Type
http://rhn.redhat.com/errata/RHSA-2016-0619.html No Types Assigned


http://rhn.redhat.com/errata/RHSA-2016-0619.html Third Party Advisory


Changed Reference Type
http://rhn.redhat.com/errata/RHSA-2016-0620.html No Types Assigned


http://rhn.redhat.com/errata/RHSA-2016-0620.html Third Party Advisory


Changed Reference Type
http://rhn.redhat.com/errata/RHSA-2016-0621.html No Types Assigned


http://rhn.redhat.com/errata/RHSA-2016-0621.html Third Party Advisory


Changed Reference Type
http://rhn.redhat.com/errata/RHSA-2016-0623.html No Types Assigned


http://rhn.redhat.com/errata/RHSA-2016-0623.html Third Party Advisory


Changed Reference Type
http://rhn.redhat.com/errata/RHSA-2016-0624.html No Types Assigned


http://rhn.redhat.com/errata/RHSA-2016-0624.html Third Party Advisory


Changed Reference Type
http://rhn.redhat.com/errata/RHSA-2016-0625.html No Types Assigned


http://rhn.redhat.com/errata/RHSA-2016-0625.html Third Party Advisory


Changed Reference Type
http://www.debian.org/security/2016/dsa-3548 No Types Assigned


http://www.debian.org/security/2016/dsa-3548 Third Party Advisory


Changed Reference Type
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html No Types Assigned


http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html Third Party Advisory


Changed Reference Type
http://www.securityfocus.com/bid/86002 No Types Assigned


http://www.securityfocus.com/bid/86002 Third Party Advisory, VDB Entry


Changed Reference Type
http://www.securitytracker.com/id/1035533 No Types Assigned


http://www.securitytracker.com/id/1035533 Third Party Advisory, VDB Entry


Changed Reference Type
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.458012 No Types Assigned


http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.458012 Third Party Advisory


Changed Reference Type
http://www.ubuntu.com/usn/USN-2950-1 No Types Assigned


http://www.ubuntu.com/usn/USN-2950-1 Third Party Advisory


Changed Reference Type
http://www.ubuntu.com/usn/USN-2950-2 No Types Assigned


http://www.ubuntu.com/usn/USN-2950-2 Third Party Advisory


Changed Reference Type
http://www.ubuntu.com/usn/USN-2950-3 No Types Assigned


http://www.ubuntu.com/usn/USN-2950-3 Third Party Advisory


Changed Reference Type
http://www.ubuntu.com/usn/USN-2950-4 No Types Assigned


http://www.ubuntu.com/usn/USN-2950-4 Third Party Advisory


Changed Reference Type
http://www.ubuntu.com/usn/USN-2950-5 No Types Assigned


http://www.ubuntu.com/usn/USN-2950-5 Third Party Advisory


Changed Reference Type
https://access.redhat.com/security/vulnerabilities/badlock No Types Assigned


https://access.redhat.com/security/vulnerabilities/badlock Third Party Advisory


Changed Reference Type
https://bto.bluecoat.com/security-advisory/sa122 No Types Assigned


https://bto.bluecoat.com/security-advisory/sa122 Third Party Advisory


Changed Reference Type
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05162399 No Types Assigned


https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05162399 Third Party Advisory


Changed Reference Type
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05166182 No Types Assigned


https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05166182 Third Party Advisory


Changed Reference Type
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes No Types Assigned


https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes Third Party Advisory


Changed Reference Type
https://kb.netapp.com/support/s/article/ka51A0000008SXzQAM/smb-vulnerabilities-in-multiple-netapp-products No Types Assigned


https://kb.netapp.com/support/s/article/ka51A0000008SXzQAM/smb-vulnerabilities-in-multiple-netapp-products Third Party Advisory


Changed Reference Type
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40196 No Types Assigned


https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40196 Third Party Advisory


Changed Reference Type
https://security.gentoo.org/glsa/201612-47 No Types Assigned


https://security.gentoo.org/glsa/201612-47 Third Party Advisory


Changed Reference Type
https://www.kb.cert.org/vuls/id/813296 No Types Assigned


https://www.kb.cert.org/vuls/id/813296 Third Party Advisory, US Government Resource


Changed Reference Type
https://www.samba.org/samba/history/samba-4.2.10.html No Types Assigned


https://www.samba.org/samba/history/samba-4.2.10.html Third Party Advisory


Changed Reference Type
https://www.samba.org/samba/latest_news.html#4.4.2 No Types Assigned


https://www.samba.org/samba/latest_news.html#4.4.2 Third Party Advisory


CVE Modified by Red Hat, Inc. 11/30/2018 4:31:39 PM

Action Type Old Value New Value
Added Reference
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes [No Types Assigned]


CVE Modified by Red Hat, Inc. 7/03/2017 9:29:00 PM

Action Type Old Value New Value
Added Reference
https://kb.netapp.com/support/s/article/ka51A0000008SXzQAM/smb-vulnerabilities-in-multiple-netapp-products [No Types Assigned]


CVE Modified by Red Hat, Inc. 12/30/2016 9:59:38 PM

Action Type Old Value New Value
Added Reference
https://security.gentoo.org/glsa/201612-47 [No Types Assigned]


CVE Modified by Red Hat, Inc. 12/02/2016 10:24:41 PM

Action Type Old Value New Value
Added Reference
http://badlock.org/ [No Types Assigned]


Added Reference
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182185.html [No Types Assigned]


Added Reference
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182272.html [No Types Assigned]


Added Reference
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182288.html [No Types Assigned]


Added Reference
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00020.html [No Types Assigned]


Added Reference
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00021.html [No Types Assigned]


Added Reference
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00022.html [No Types Assigned]


Added Reference
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00023.html [No Types Assigned]


Added Reference
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00024.html [No Types Assigned]


Added Reference
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html [No Types Assigned]


Added Reference
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html [No Types Assigned]


Added Reference
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html [No Types Assigned]


Added Reference
http://www.debian.org/security/2016/dsa-3548 [No Types Assigned]


Added Reference
http://www.securitytracker.com/id/1035533 [No Types Assigned]


Added Reference
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.458012 [No Types Assigned]


Added Reference
http://www.ubuntu.com/usn/USN-2950-1 [No Types Assigned]


Added Reference
http://www.ubuntu.com/usn/USN-2950-2 [No Types Assigned]


Added Reference
https://bto.bluecoat.com/security-advisory/sa122 [No Types Assigned]


Added Reference
https://www.kb.cert.org/vuls/id/813296 [No Types Assigned]


Added Reference
https://www.samba.org/samba/latest_news.html#4.4.2 [No Types Assigned]


CVE Modified by Red Hat, Inc. 11/30/2016 10:08:47 PM

Action Type Old Value New Value
Added Reference
http://rhn.redhat.com/errata/RHSA-2016-0611.html [No Types Assigned]


Added Reference
http://rhn.redhat.com/errata/RHSA-2016-0612.html [No Types Assigned]


Added Reference
http://rhn.redhat.com/errata/RHSA-2016-0613.html [No Types Assigned]


Added Reference
http://rhn.redhat.com/errata/RHSA-2016-0614.html [No Types Assigned]


Added Reference
http://rhn.redhat.com/errata/RHSA-2016-0618.html [No Types Assigned]


Added Reference
http://rhn.redhat.com/errata/RHSA-2016-0619.html [No Types Assigned]


Added Reference
http://rhn.redhat.com/errata/RHSA-2016-0620.html [No Types Assigned]


Added Reference
http://rhn.redhat.com/errata/RHSA-2016-0621.html [No Types Assigned]


Added Reference
http://rhn.redhat.com/errata/RHSA-2016-0623.html [No Types Assigned]


Added Reference
http://rhn.redhat.com/errata/RHSA-2016-0624.html [No Types Assigned]


Added Reference
http://rhn.redhat.com/errata/RHSA-2016-0625.html [No Types Assigned]


Added Reference
http://www.ubuntu.com/usn/USN-2950-3 [No Types Assigned]


Added Reference
http://www.ubuntu.com/usn/USN-2950-4 [No Types Assigned]


Added Reference
https://access.redhat.com/security/vulnerabilities/badlock [No Types Assigned]


Added Reference
https://www.samba.org/samba/history/samba-4.2.10.html [No Types Assigned]


CVE Modified by Red Hat, Inc. 11/28/2016 3:03:24 PM

Action Type Old Value New Value
Added Reference
http://www.securityfocus.com/bid/86002 [No Types Assigned]


CVE Modified by Red Hat, Inc. 10/03/2016 10:07:27 PM

Action Type Old Value New Value
Added Reference
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html


Modified Analysis by NIST 7/07/2016 12:47:26 PM

Action Type Old Value New Value
Added CVSS V3
AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H


Removed CVSS V3
AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N


Added CVSS V2
(AV:N/AC:M/Au:N/C:P/I:P/A:P)


Removed CVSS V2
(AV:N/AC:M/Au:N/C:N/I:P/A:N)


Changed CPE Configuration Record truncated, showing 2048 of 13730 characters.
View Entire Change Record
Configuration 1
 OR
 *cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
 *cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
 *cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
Configuration 2
 OR
 *cpe:2.3:a:samba:samba:4.4.0:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.4.1:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.4.0:rc3:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.4.0:rc2:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.4.0:rc1:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.7:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.6:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.5:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.4:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.3:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.2:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.1:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.0:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.10:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.9:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.8:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.7:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.6:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.5:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.4:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.3:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.2:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.1:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.0:rc4:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.0:rc3:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.0:rc2:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.0:rc1:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.9:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.8:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.7:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.6:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.5:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.4:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.3:*
Record truncated, showing 2048 of 13730 characters.
View Entire Change Record
Configuration 1
 OR
 *cpe:2.3:a:samba:samba:4.4.0:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.4.1:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.4.0:rc3:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.4.0:rc2:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.4.0:rc1:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.7:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.6:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.5:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.4:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.3:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.2:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.1:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.0:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.10:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.9:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.8:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.7:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.6:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.5:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.4:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.3:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.2:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.1:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.0:rc4:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.0:rc3:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.0:rc2:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.0:rc1:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.9:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.8:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.7:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.6:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.5:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.4:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.3:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.22:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.21:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.20:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.2:*:*:*:

CVE Modified by Red Hat, Inc. 6/14/2016 10:00:35 PM

Action Type Old Value New Value
Added Reference
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05166182


CVE Modified by Red Hat, Inc. 6/10/2016 10:01:36 PM

Action Type Old Value New Value
Added Reference
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05162399


Modified Analysis by NIST 6/03/2016 6:14:47 PM

Action Type Old Value New Value
Changed CPE Configuration Record truncated, showing 2048 of 13510 characters.
View Entire Change Record
Configuration 1
 OR
 *cpe:2.3:a:samba:samba:4.4.0:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.4.1:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.4.0:rc3:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.4.0:rc2:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.4.0:rc1:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.7:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.6:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.5:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.4:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.3:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.2:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.1:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.0:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.10:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.9:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.8:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.7:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.6:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.5:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.4:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.3:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.2:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.1:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.0:rc4:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.0:rc3:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.0:rc2:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.0:rc1:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.9:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.8:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.7:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.6:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.5:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.4:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.3:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.22:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.21:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.20:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.2:*:*:*:
Record truncated, showing 2048 of 13730 characters.
View Entire Change Record
Configuration 1
 OR
 *cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
 *cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
 *cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
Configuration 2
 OR
 *cpe:2.3:a:samba:samba:4.4.0:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.4.1:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.4.0:rc3:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.4.0:rc2:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.4.0:rc1:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.7:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.6:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.5:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.4:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.3:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.2:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.1:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.0:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.10:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.9:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.8:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.7:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.6:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.5:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.4:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.3:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.2:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.1:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.0:rc4:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.0:rc3:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.0:rc2:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.0:rc1:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.9:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.8:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.7:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.6:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.5:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.4:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.3:*

CVE Modified by Red Hat, Inc. 6/02/2016 10:01:29 PM

Action Type Old Value New Value
Added Reference
http://www.ubuntu.com/usn/USN-2950-5


Added Reference
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40196


Modified Analysis by NIST 4/13/2016 10:27:03 AM

Action Type Old Value New Value
Added CVSS V3
AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N


Added CVSS V2
(AV:N/AC:M/Au:N/C:N/I:P/A:N)


Added CWE
CWE-254


Added CPE Configuration Record truncated, showing 2048 of 13510 characters.
View Entire Change Record
Configuration 1
 OR
 *cpe:2.3:a:samba:samba:4.4.0:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.4.1:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.4.0:rc3:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.4.0:rc2:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.4.0:rc1:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.7:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.6:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.5:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.4:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.3:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.2:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.1:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.3.0:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.10:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.9:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.8:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.7:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.6:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.5:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.4:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.3:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.2:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.1:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.0:rc4:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.0:rc3:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.0:rc2:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.2.0:rc1:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.9:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.8:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.7:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.6:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.5:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.4:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.3:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.22:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.21:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.20:*:*:*:*:*:*:*
 *cpe:2.3:a:samba:samba:4.1.2:*:*:*:
Changed Reference Type
https://www.samba.org/samba/security/CVE-2016-2118.html No Types Assigned


https://www.samba.org/samba/security/CVE-2016-2118.html Advisory


Initial CVE Analysis 4/13/2016 9:58:43 AM

Action Type Old Value New Value

Quick Info

CVE Dictionary Entry:
CVE-2016-2118
NVD Published Date:
04/12/2016
NVD Last Modified:
06/16/2026
Source:
Red Hat, Inc.