Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-7n9k-74nf-ayah
SummaryA vulnerability was found in Samba where a delegated administrator with permission to create objects in Active Directory can write to all attributes of the newly created object, including security-sensitive attributes, even after the object's creation. This issue occurs because the administrator owns the object due to the lack of an Access Control List (ACL) at the time of creation and later being recognized as the 'creator owner.' The retained significant rights of the delegated administrator may not be well understood, potentially leading to unintended privilege escalation or security risks.
Aliases
0
alias CVE-2020-25720
Fixed_packages
0
url pkg:deb/debian/samba@2:4.17.8%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/samba@2:4.17.8%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.8%252Bdfsg-1%3Fdistro=trixie
1
url pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie
2
url pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie
3
url pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie
purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5tc4-e6tj-3qfa
1
vulnerability VCID-7n9k-74nf-ayah
2
vulnerability VCID-7rsk-suge-a7b4
3
vulnerability VCID-8jp7-e281-tqha
4
vulnerability VCID-8yq8-wp1b-p7gt
5
vulnerability VCID-9cv8-xnmm-cyh8
6
vulnerability VCID-9kyr-nxjs-xkaw
7
vulnerability VCID-afjh-h9hy-u7dz
8
vulnerability VCID-atg1-qx5q-hfdu
9
vulnerability VCID-bkse-muh9-t7a8
10
vulnerability VCID-e2b4-vjgq-sbdq
11
vulnerability VCID-fb3p-pr3k-wbhj
12
vulnerability VCID-fj5p-xkmp-vken
13
vulnerability VCID-gec9-c1be-dkba
14
vulnerability VCID-gx57-3mtp-hqdh
15
vulnerability VCID-hxfw-6htj-wkhg
16
vulnerability VCID-j1a6-7vhx-sbh7
17
vulnerability VCID-j358-djx5-8qdw
18
vulnerability VCID-mnnu-hrtz-uyeg
19
vulnerability VCID-mtrk-m8jm-gyfg
20
vulnerability VCID-t156-69p4-s7gu
21
vulnerability VCID-usyw-3jt1-xyez
22
vulnerability VCID-wc2t-bbf1-mua5
23
vulnerability VCID-x9ky-gfg3-hfen
24
vulnerability VCID-xmpf-4zxw-dybe
25
vulnerability VCID-xt8n-4rnc-b7fs
26
vulnerability VCID-zx6s-p6p1-z7ft
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25720.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25720.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-25720
reference_id
reference_type
scores
0
value 0.00206
scoring_system epss
scoring_elements 0.42808
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-25720
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2305954
reference_id 2305954
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2305954
Weaknesses
0
cwe_id 266
name Incorrect Privilege Assignment
description A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
Exploits
Severity_range_score7.5 - 7.5
Exploitability0.5
Weighted_severity6.8
Risk_score3.4
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-7n9k-74nf-ayah