thr3ads.net - samba - [Samba] CVSS V3 score for CVE-2017-15275 [Feb 2018]

If this information is useful, please help other people find it:
Share via:

Arjit Gupta

2018-Feb-06 08:28 UTC

[Samba] CVSS V3 score for CVE-2017-15275

Hi Team ,



Please help us know the CVSS V3 score for CVE-2017-15275.



NVD <https://nvd.nist.gov/vuln/detail/CVE-2017-15275> and redhat
<https://access.redhat.com/security/cve/cve-2017-15275> have different
score.

Arjit Kumar

Andrew Bartlett

2018-Feb-06 08:36 UTC

head link

[Samba] CVSS V3 score for CVE-2017-15275

On Tue, 2018-02-06 at 13:58 +0530, Arjit Gupta via samba
wrote:> Hi Team ,
> 
> 
> 
> Please help us know the CVSS V3 score for CVE-2017-15275.
> 
> 
> 
> NVD <https://nvd.nist.gov/vuln/detail/CVE-2017-15275> and redhat
> <https://access.redhat.com/security/cve/cve-2017-15275> have
different
> score.
The difference seems to be the Network vs Adjacent network choice,
which really comes down to if you allow SMB across network segments
(many organisations routinely firewall that off, so this might be why
Red Hat says Adjacent network). 

I hope this helps,

Andrew Bartlett
-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

samba - Feb 2018 - CVSS V3 score for CVE-2017-15275

[Samba] CVSS V3 score for CVE-2017-15275

[Samba] CVSS V3 score for CVE-2017-15275