Samba Vulnerability CVE-2021-44142

Vulnerability Description

CVE-2021-44142 is a privilege escalation vulnerability that allows remote attackers to execute arbitrary code on affected installations of Samba. Access as a user that has write access to a file's extended attributes is required to exploit this vulnerability.

Vulnerability Details

Publication Date: Jan 31 2022

Vulnerability Link: https://www.samba.org/samba/security/CVE-2021-44142.html

NVD CVSS Score: 9.9

Affected CTERA Products

  • CTERA Edge Filer (All versions)

Analysis

This vulnerability is considered critical, as a logged in user that has write access to a file's extended attributes may execute arbitrary code .

CTERA products other than CTERA Edge Filer are not affected.

Workaround

No workaround is available

Permanent solution

CTERA Edge Filer 7.0.1783.28, contains a fix for this issue. Customers who have not upgraded to this or a higher version are advised to schedule a short maintenance window for installing this patch version on their filers.

https://cterakb.atlassian.net/wiki/spaces/CKB/pages/71172097