CVE-2019-3870

Name: CVE-2019-3870
Creator: NVD / NIST
Published: 2019-04-09T16:29:01.867+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 6.1/10EPSS 0.55%

Last modified Jun 17, 2026

CVE-2019-3870 is a medium-severity vulnerability rated 6.1/10 on the CVSS scale. A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. EPSS estimates a 0.55% chance of exploitation in the next 30 days.

Description

A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner (root) only access. However in some upgraded installations it will have other permissions, such as 0755, because this was the default before Samba 4.8. Within this directory, files are created with mode 0666, which is world-writable, including a sample krb5.conf, and the list of DNS names and servicePrincipalName values to update.

Metrics

CVSS 3.1

6.1/10

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

EPSS Probability

0.55%

41.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Samba	Samba	>= 4.9.0, < 4.9.6
Samba	Samba	>= 4.10.0, < 4.10.2
Fedoraproject	Fedora	29
Fedoraproject	Fedora	30
Synology	Directory Server	All versions
Synology	Router Manager	1.2
Synology	Diskstation Manager	5.2
Synology	Diskstation Manager	6.1
Synology	Diskstation Manager	6.2
Synology	Skynas Firmware	All versions
Synology	Vs960hd Firmware	< 2.3.6-1720

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3870Issue Tracking, Third Party Advisory
https://bugzilla.samba.org/show_bug.cgi?id=13834Exploit, Issue Tracking, Patch, Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6354GALK73CZWQKFUG7AWB6EIEGFMF62/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JTJVFA3RZ6G2IZDTVKLHRMX6QBYA4GPA/
https://support.f5.com/csp/article/K20804356Third Party Advisory
https://www.samba.org/samba/security/CVE-2019-3870.htmlMitigation, Patch, Vendor Advisory
https://www.synology.com/security/advisory/Synology_SA_19_15Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3870Issue Tracking, Third Party Advisory
https://bugzilla.samba.org/show_bug.cgi?id=13834Exploit, Issue Tracking, Patch, Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6354GALK73CZWQKFUG7AWB6EIEGFMF62/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JTJVFA3RZ6G2IZDTVKLHRMX6QBYA4GPA/
https://support.f5.com/csp/article/K20804356Third Party Advisory
https://www.samba.org/samba/security/CVE-2019-3870.htmlMitigation, Patch, Vendor Advisory
https://www.synology.com/security/advisory/Synology_SA_19_15Third Party Advisory

Timeline

Published: Apr 9, 2019
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2019-3870?

How severe is CVE-2019-3870?

CVE-2019-3870 has a CVSS score of 6.1/10 (MEDIUM severity). The EPSS model estimates a 0.55% probability of exploitation in the next 30 days.

How do I fix CVE-2019-3870?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2019-3870?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST