Vulnerability CVE-2021-20208


Published: 2021-04-19   Modified: 2021-04-20

Description:
A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity.

Type:

CWE-266

(Incorrect Privilege Assignment)

 References:
https://bugzilla.redhat.com/show_bug.cgi?id=1921116
https://bugzilla.samba.org/show_bug.cgi?id=14651

Copyright 2021, cxsecurity.com

 

Back to Top