Search for vulnerabilities
Vulnerability details: VCID-xb1w-pq52-aaaj
Vulnerability ID VCID-xb1w-pq52-aaaj
Aliases CVE-2021-3670
Summary MaxQueryDuration not honoured in Samba AD DC LDAP
Status Published
Exploitability 0.5
Weighted Severity 5.9
Risk 3.0
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-400 Uncontrolled Resource Consumption
CWE-770 Allocation of Resources Without Limits or Throttling
System Score Found at
cvssv3 6.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3670.json
epss 0.00228 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.00228 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.00228 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.00228 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01497 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01547 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01595 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01595 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.01595 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
epss 0.02798 https://api.first.org/data/v1/epss?cve=CVE-2021-3670
cvssv3.1 6.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3 6.5 https://nvd.nist.gov/vuln/detail/CVE-2021-3670
cvssv3.1 6.5 https://nvd.nist.gov/vuln/detail/CVE-2021-3670
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3670.json
https://api.first.org/data/v1/epss?cve=CVE-2021-3670
https://bugzilla.redhat.com/show_bug.cgi?id=2077533
https://bugzilla.samba.org/show_bug.cgi?id=14694
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3670
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://gitlab.com/samba-team/samba/-/commit/1d5b155619bc532c46932965b215bd73a920e56f
https://gitlab.com/samba-team/samba/-/commit/2b3af3b560c9617a233c131376c870fce146c002
https://gitlab.com/samba-team/samba/-/commit/3507e96b3dcf0c0b8eff7b2c08ffccaf0812a393
https://gitlab.com/samba-team/samba/-/commit/5f0590362c5c0c5ee20503a67467f9be2d50e73b
https://gitlab.com/samba-team/samba/-/commit/86fe9d48883f87c928bf31ccbd275db420386803
https://gitlab.com/samba-team/samba/-/commit/dcfcafdbf756e12d9077ad7920eea25478c29f81
https://gitlab.com/samba-team/samba/-/commit/e1ab0c43629686d1d2c0b0b2bcdc90057a792049
https://security.gentoo.org/glsa/202309-06
cpe:2.3:a:redhat:storage:3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:storage:3.0:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
CVE-2021-3670 https://nvd.nist.gov/vuln/detail/CVE-2021-3670
USN-5542-1 https://usn.ubuntu.com/5542-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3670.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2021-3670
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2021-3670
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.60529
EPSS Score 0.00228
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.