Vulnerabilities > CVE-2023-34968

047910
CVSS 5.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
network
low complexity
samba
fedoraproject
redhat
debian

Summary

A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious client or an attacker with a targeted RPC request to view the information that is part of the disclosed path.

Vulnerable Configurations

Part Description Count
Application
Samba
621
Application
Redhat
1
OS
Fedoraproject
2
OS
Redhat
2
OS
Debian
2