Vulnerability Name: | CVE-2022-29869 (CCN-225341) | ||||||||||||||||||||||||||||||||
Assigned: | 2022-04-26 | ||||||||||||||||||||||||||||||||
Published: | 2022-04-26 | ||||||||||||||||||||||||||||||||
Updated: | 2022-10-05 | ||||||||||||||||||||||||||||||||
Summary: | cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file. | ||||||||||||||||||||||||||||||||
CVSS v3 Severity: | 5.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) 4.6 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
| ||||||||||||||||||||||||||||||||
CVSS v2 Severity: | 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
| ||||||||||||||||||||||||||||||||
Vulnerability Type: | CWE-668 | ||||||||||||||||||||||||||||||||
Vulnerability Consequences: | Obtain Information | ||||||||||||||||||||||||||||||||
References: | Source: MITRE Type: CNA CVE-2022-29869 Source: XF Type: UNKNOWN cifsutils-cve202229869-info-disc(225341) Source: CCN Type: cifs-utils GIT Repository mount.cifs: fix verbose messages on option parsing Source: MISC Type: Patch, Third Party Advisory https://github.com/piastry/cifs-utils/commit/8acc963a2e7e9d63fe1f2e7f73f5a03f83d9c379 Source: MISC Type: Patch, Third Party Advisory https://github.com/piastry/cifs-utils/pull/7 Source: MLIST Type: Mailing List, Third Party Advisory [debian-lts-announce] 20220516 [SECURITY] [DLA 3009-1] cifs-utils security update Source: FEDORA Type: Mailing List, Third Party Advisory FEDORA-2022-34de4f833d Source: FEDORA Type: Mailing List, Third Party Advisory FEDORA-2022-7fda04ab5a Source: FEDORA Type: Mailing List, Third Party Advisory FEDORA-2022-eb2d3ca94d Source: DEBIAN Type: Third Party Advisory DSA-5157 Source: CCN Type: Mend Vulnerability Database CVE-2022-29869 | ||||||||||||||||||||||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration 3: ![]() | ||||||||||||||||||||||||||||||||
Oval Definitions | |||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||
BACK |