Vulnerabilities > CVE-2021-3671 - NULL Pointer Dereference vulnerability in multiple products

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
samba
debian
netapp
CWE-476

Summary

A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server.

Vulnerable Configurations

Part Description Count
Application
Samba
554
Application
Netapp
3
OS
Debian
2

Common Weakness Enumeration (CWE)