{"id":"CVE-2017-12151","details":"A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack.","modified":"2026-05-15T12:03:02.242625772Z","published":"2018-07-27T12:29:00.223Z","related":["SUSE-SU-2017:2650-1","SUSE-SU-2017:2695-1","SUSE-SU-2017:2704-1","SUSE-SU-2017:2726-1","SUSE-SU-2017:2971-1","SUSE-SU-2017:3155-1","openSUSE-SU-2024:11365-1"],"database_specific":{"unresolved_ranges":[{"cpes":["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"],"vendor_product":"debian:debian_linux","extracted_events":[{"last_affected":"8.0"},{"last_affected":"9.0"}],"source":"CPE_FIELD"},{"cpes":["cpe:2.3:a:hp:cifs_server:b.04.05.11.00:*:*:*:*:*:*:*"],"vendor_product":"hp:cifs_server","extracted_events":[{"last_affected":"b.04.05.11.00"}],"source":"CPE_FIELD"},{"cpes":["cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"],"vendor_product":"redhat:enterprise_linux","extracted_events":[{"last_affected":"7.0"}],"source":"CPE_FIELD"},{"cpes":["cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"],"vendor_product":"redhat:enterprise_linux_desktop","extracted_events":[{"last_affected":"7.0"}],"source":"CPE_FIELD"},{"cpes":["cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"],"vendor_product":"redhat:enterprise_linux_server_aus","extracted_events":[{"last_affected":"7.4"}],"source":"CPE_FIELD"},{"cpes":["cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"],"vendor_product":"redhat:enterprise_linux_server_eus","extracted_events":[{"last_affected":"7.4"},{"last_affected":"7.5"}],"source":"CPE_FIELD"},{"cpes":["cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"],"vendor_product":"redhat:enterprise_linux_workstation","extracted_events":[{"last_affected":"7.0"}],"source":"CPE_FIELD"}]},"references":[{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/100917"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1039401"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:2790"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:2858"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20170921-0001/"},{"type":"ADVISORY","url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03817en_us"},{"type":"ADVISORY","url":"https://www.debian.org/security/2017/dsa-3983"},{"type":"ADVISORY","url":"https://www.samba.org/samba/security/CVE-2017-12151.html"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12151"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}]}