Vulnerability Report

CVE-2021-3670

Title: Samba Denial of Service (DoS)

Denial of Service (DoS)

Proof Of Concept

No public PoC currently indexed for CVE-2021-3670.

CWE Category CWE-400
Published Date Aug 23, 2022
Modified Date Aug 21, 2025
Exploit Status Not Found
Score 6.5 CVSS v3.1
Exploit Probability (EPSS)
3.43%

Vulnerability Summary

CVE-2021-3670: MaxQueryDuration not honoured in Samba AD DC LDAP

Impacted Vendors

S
samba 1
S
sgi 1
R
redhat 1
S
storage_project 1

Reference Links

https://bugzilla.redhat.com/show_bug.cgi?id=2077533 https://bugzilla.samba.org/show_bug.cgi?id=14694 https://gitlab.com/samba-team/samba/-/commit/1d5b155619bc532c46932965b215bd73a920e56f https://gitlab.com/samba-team/samba/-/commit/2b3af3b560c9617a233c131376c870fce146c002 https://gitlab.com/samba-team/samba/-/commit/3507e96b3dcf0c0b8eff7b2c08ffccaf0812a393 https://gitlab.com/samba-team/samba/-/commit/5f0590362c5c0c5ee20503a67467f9be2d50e73b https://gitlab.com/samba-team/samba/-/commit/86fe9d48883f87c928bf31ccbd275db420386803 https://gitlab.com/samba-team/samba/-/commit/dcfcafdbf756e12d9077ad7920eea25478c29f81 https://gitlab.com/samba-team/samba/-/commit/e1ab0c43629686d1d2c0b0b2bcdc90057a792049 https://security.gentoo.org/glsa/202309-06 https://bugzilla.redhat.com/show_bug.cgi?id=2077533 https://bugzilla.samba.org/show_bug.cgi?id=14694 https://gitlab.com/samba-team/samba/-/commit/1d5b155619bc532c46932965b215bd73a920e56f https://gitlab.com/samba-team/samba/-/commit/2b3af3b560c9617a233c131376c870fce146c002 https://gitlab.com/samba-team/samba/-/commit/3507e96b3dcf0c0b8eff7b2c08ffccaf0812a393 https://gitlab.com/samba-team/samba/-/commit/5f0590362c5c0c5ee20503a67467f9be2d50e73b https://gitlab.com/samba-team/samba/-/commit/86fe9d48883f87c928bf31ccbd275db420386803 https://gitlab.com/samba-team/samba/-/commit/dcfcafdbf756e12d9077ad7920eea25478c29f81 https://gitlab.com/samba-team/samba/-/commit/e1ab0c43629686d1d2c0b0b2bcdc90057a792049 https://security.gentoo.org/glsa/202309-06
CVSS v3.1
Source Entity [email protected]
Severity MEDIUM
6.5
Attack Vector
NETWORK
Complexity
LOW
Privileges
N/A
Interaction
NONE
Confidentiality
N/A
Integrity
N/A
Availability
N/A
Scope
UNCHANGED
RAW VECTOR CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2021-3670 Exploits & PoCs (Proof Of Concept)

No public PoCs found in our database for this CVE.

MODIFIED

Vulnerability data or affected products updated.

PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector NETWORK
Complexity LOW
Privileges N/A
Interaction NONE
CVSS Vector String CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Stack

No specific products linked.