U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2022-27239

Change History

Initial Analysis 5/06/2022 2:49:22 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:hp:helion_openstack:8.0:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:samba:cifs-utils:*:*:*:*:*:*:*:* versions up to (including) 6.14
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:suse:caas_platform:4.0:*:*:*:*:*:*:*
     *cpe:2.3:a:suse:enterprise_storage:6.0:*:*:*:*:*:*:*
     *cpe:2.3:a:suse:enterprise_storage:7.0:*:*:*:*:*:*:*
     *cpe:2.3:a:suse:linux_enterprise_point_of_service:11.0:sp3:*:*:*:*:*:*
     *cpe:2.3:a:suse:linux_enterprise_storage:7.1:*:*:*:*:*:*:*
     *cpe:2.3:a:suse:manager_proxy:4.1:*:*:*:*:*:*:*
     *cpe:2.3:a:suse:manager_proxy:4.2:*:*:*:*:*:*:*
     *cpe:2.3:a:suse:manager_proxy:4.3:*:*:*:*:*:*:*
     *cpe:2.3:a:suse:manager_retail_branch_server:4.1:*:*:*:*:*:*:*
     *cpe:2.3:a:suse:manager_retail_branch_server:4.2:*:*:*:*:*:*:*
     *cpe:2.3:a:suse:manager_retail_branch_server:4.3:*:*:*:*:*:*:*
     *cpe:2.3:a:suse:manager_server:4.1:*:*:*:*:*:*:*
     *cpe:2.3:a:suse:manager_server:4.2:*:*:*:*:*:*:*
     *cpe:2.3:a:suse:manager_server:4.3:*:*:*:*:*:*:*
     *cpe:2.3:a:suse:openstack_cloud:8.0:*:*:*:*:*:*:*
     *cpe:2.3:a:suse:openstack_cloud:9.0:*:*:*:*:*:*:*
     *cpe:2.3:a:suse:openstack_cloud_crowbar:8.0:*:*:*:*:*:*:*
     *cpe:2.3:a:suse:openstack_cloud_crowbar:9.0:*:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_desktop:15:sp3:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_desktop:15:sp4:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_high_performance_computing:12.0:sp5:*:*:-:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:-:*:*:ltss:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp1:*:*:espos:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp1:*:*:ltss:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp2:*:*:espos:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp2:*:*:ltss:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp3:*:*:-:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp4:*:*:-:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_micro:5.2:*:*:*:*:-:*:*
     *cpe:2.3:o:suse:linux_enterprise_micro:5.2:*:*:*:*:rancher:*:*
     *cpe:2.3:o:suse:linux_enterprise_real_time:15.0:sp2:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:ltss:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:business_critical_linux:-:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:*:sap:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:business_critical_linux:-:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:espos:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:ltss:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:-:sap:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:espos:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:ltss:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:12:sp5:*:*:*:sap:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:15:*:*:*:*:sap:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:15:-:*:*:espos:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:15:-:*:*:ltss:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:15:sp1:*:*:business_critical_linux:-:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:15:sp1:*:*:ltss:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:business_critical_linux:-:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:ltss:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:15:sp3:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:15:sp4:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp5:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
     *cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
     *cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
Added CVSS V2

								
							
							
						
NIST (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Added CVSS V3.1

								
							
							
						
NIST AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Added CWE

								
							
							
						
NIST CWE-787
Changed Reference Type
http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_Samba No Types Assigned
http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_Samba Third Party Advisory
Changed Reference Type
https://bugzilla.samba.org/show_bug.cgi?id=15025 No Types Assigned
https://bugzilla.samba.org/show_bug.cgi?id=15025 Issue Tracking, Permissions Required, Vendor Advisory
Changed Reference Type
https://bugzilla.suse.com/show_bug.cgi?id=1197216 No Types Assigned
https://bugzilla.suse.com/show_bug.cgi?id=1197216 Issue Tracking, Patch, Third Party Advisory
Changed Reference Type
https://github.com/piastry/cifs-utils/pull/7 No Types Assigned
https://github.com/piastry/cifs-utils/pull/7 Issue Tracking, Patch, Third Party Advisory
Changed Reference Type
https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765 No Types Assigned
https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765 Patch, Third Party Advisory