Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-j1a6-7vhx-sbh7
Vulnerability ID VCID-j1a6-7vhx-sbh7
Aliases CVE-2018-14628
Summary An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store.
Status Published
Exploitability 0.5
Weighted Severity 3.9
Risk 1.9
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-862 Missing Authorization
System Score Found at
cvssv3 4.3 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14628.json
epss 0.00535 https://api.first.org/data/v1/epss?cve=CVE-2018-14628
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14628.json
https://api.first.org/data/v1/epss?cve=CVE-2018-14628
1034803 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034803
1625445 https://bugzilla.redhat.com/show_bug.cgi?id=1625445
GLSA-202402-28 https://security.gentoo.org/glsa/202402-28
No exploits are available.
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14628.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.67789
EPSS Score 0.00535
Published At June 4, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-04T17:10:40.743543+00:00 Debian Importer Import https://security-tracker.debian.org/tracker/data/json 38.6.0