suse · CVE-2017-12150

Quick triage

Priority: high Published: 2021-05-30 13:59:34 UTC Updated: 2026-04-17 16:02:15 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2017-12150 severity important: SUSE including 1193 source package names (amazon/suse-sles-15-sp1-chost-byos-v20210304-hvm-ssd-x86_64, amazon/suse-sles-15-sp1-chost-byos-v20220127-hvm-ssd-x86_64, …), 1902 product×package rows across 58 product lines (SUSE Enterprise Storage 5, SUSE Liberty Linux 7, … (58 product lines)): Fixed 1547, Known Not Affected 198, Known Affected 157.

Description:

It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.

cvelogic Threat Intelligence