CCE-95414-9Platform: cpe:/o:amazon:linux:2, cpe:/o:centos:centos:7, cpe:/o:oracle:linux:7, cpe:/o:oracle:linux:8, cpe:/o:redhat:enterprise_linux:7, cpe:/o:redhat:enterprise_linux:8, cpe:/o:redhat:enterprise_linux:9 | Date: (C)2021-03-05 (M)2023-07-04 |
Description
The Samba daemon allows system administrators to configure their Linux systems to share file systems and directories with Windows desktops. Samba will advertise the file systems and directories via the Server Message Block (SMB) protocol. Windows desktop users will be able to mount these directories and file systems as letter drives on their systems.
Rationale
If there is no need to mount directories and file systems to Windows systems, then this package can be removed to reduce the potential attack surface.
Remediation
Run the following command to remove samba
yum remove samba
Parameter:
[yes/no]
Technical Mechanism:
Run the following command to remove samba
yum remove samba
CCSS Severity: | CCSS Metrics: |
CCSS Score : 6.6 | Attack Vector: NETWORK |
Exploit Score: 0.7 | Attack Complexity: HIGH |
Impact Score: 5.9 | Privileges Required: HIGH |
Severity: MEDIUM | User Interaction: NONE |
Vector: AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:72861 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:84255 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:72651 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:72966 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:68566 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:72015 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:72754 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:72381 |