{"id":"CVE-2017-12163","details":"An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker.","modified":"2026-05-15T12:03:02.225328540Z","published":"2018-07-26T16:29:00.263Z","related":["SUSE-SU-2017:2650-1","SUSE-SU-2017:2695-1","SUSE-SU-2017:2704-1","SUSE-SU-2017:2715-1","SUSE-SU-2017:2726-1","SUSE-SU-2017:2971-1","SUSE-SU-2017:3155-1","openSUSE-SU-2024:11365-1"],"database_specific":{"unresolved_ranges":[{"source":"CPE_FIELD","vendor_product":"debian:debian_linux","extracted_events":[{"last_affected":"8.0"},{"last_affected":"9.0"}],"cpes":["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"]},{"source":"CPE_FIELD","vendor_product":"redhat:enterprise_linux_desktop","cpes":["cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"],"extracted_events":[{"last_affected":"6.0"},{"last_affected":"7.0"}]},{"source":"CPE_FIELD","vendor_product":"redhat:enterprise_linux_server","cpes":["cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"],"extracted_events":[{"last_affected":"6.0"},{"last_affected":"7.0"}]},{"source":"CPE_FIELD","vendor_product":"redhat:enterprise_linux_workstation","extracted_events":[{"last_affected":"6.0"},{"last_affected":"7.0"}],"cpes":["cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"]},{"source":"CPE_FIELD","vendor_product":"redhat:gluster_storage","extracted_events":[{"last_affected":"3.0"}],"cpes":["cpe:2.3:a:redhat:gluster_storage:3.0:*:*:*:*:*:*:*"]}]},"references":[{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/100925"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1039401"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:2789"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:2790"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:2791"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:2858"},{"type":"ADVISORY","url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03775en_us"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20170921-0001/"},{"type":"ADVISORY","url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03817en_us"},{"type":"ADVISORY","url":"https://www.debian.org/security/2017/dsa-3983"},{"type":"ADVISORY","url":"https://www.synology.com/support/security/Synology_SA_17_57_Samba"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12163"},{"type":"FIX","url":"https://www.samba.org/samba/security/CVE-2017-12163.html"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"}]}