Samba 4.11.x versions before 4.11.5 Insufficient Information Vulnerability


A newly delegated right, but more importantly the removal of a delegated right, would not be inherited on any DC other than the one where the change was made.


The information has been provided by Andrew Bartlett

The original article can be found at:


There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers.


Vulnerable Systems:

Samba 4.11.x versions before 4.11.5

Samba 4.10.x versions before 4.10.12

Samba 4.9.x versions before 4.9.18


CVE Information:



Disclosure Timeline:
Published Date:1/21/2020

Categories: FeaturedNews