CVE-2026-3012
CVE-2026-3012 is a medium-severity vulnerability with a CVSS v3.1 base score of 6.8. A flaw was found in Samba's certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without verifying its authenticity. EPSS estimates a 0.25% probability of exploitation in the next 30 days.
Description
A flaw was found in Samba's certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without verifying its authenticity. An attacker who can intercept or redirect that traffic on the local network could substitute a malicious certificate authority certificate. Because the rogue CA lands in the host's trust store, any TLS endpoint the attacker can then impersonate with a certificate chained to that CA would be accepted as trusted, allowing interception or spoofing of communications the host believes are secure.
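The two patterns the description contrasts, as an added example that is not Samba's code and not taken from the advisories: a fetch-and-install step that accepts any scheme and any bytes, beside a hardened version that refuses plaintext transport and pins the fetched certificate to a SHA-256 fingerprint. The helper names, the `fetch` callable and the sample certificate bytes are all hypothetical; in a real deployment the fingerprint would have to come from an authenticated channel such as the policy object itself.

```python
import hashlib
import hmac
from typing import Callable
from urllib.parse import urlparse

# Constructed stand-ins for DER-encoded certificates; neither is a real certificate.
SAMPLE_CA_DER = b"\x30\x82\x01\x0a" + b"example-ca-cert-bytes" * 8
# This blob plays the role of a certificate swapped in by an on-path attacker.
ATTACKER_CA_DER = b"\x30\x82\x01\x0a" + b"rogue-ca-cert-bytes" * 8


class UntrustedCertificateError(Exception):
    """Raised when the fetched certificate must not enter the trust store."""


def fingerprint(der: bytes) -> str:
    """Hex SHA-256 of the raw certificate bytes (the value
    'openssl x509 -fingerprint -sha256' prints, without the colons)."""
    return hashlib.sha256(der).hexdigest()


def weak_install(url: str, fetch: Callable[[str], bytes]) -> bytes:
    """The pattern the advisory describes: whatever scheme the policy names,
    whatever bytes come back, straight into the trust store."""
    return fetch(url)


def hardened_install(url: str, expected_sha256: str,
                     fetch: Callable[[str], bytes]) -> bytes:
    """Refuse plaintext transport, and independently require the fetched bytes
    to match a fingerprint learned out of band (hypothetical: from the
    authenticated policy object). TLS alone would still trust whatever the
    server returns, so both checks are applied."""
    parsed = urlparse(url)
    if parsed.scheme.lower() != "https":
        raise UntrustedCertificateError(
            f"refusing to fetch CA certificate over {parsed.scheme!r}")
    der = fetch(url)
    want = expected_sha256.lower().replace(":", "")
    # Constant-time comparison of the hex digests.
    if not hmac.compare_digest(fingerprint(der), want):
        raise UntrustedCertificateError(
            "fetched certificate does not match pinned fingerprint")
    return der


def try_install(url: str, expected_sha256: str,
                fetch: Callable[[str], bytes]) -> str:
    """Return 'installed' or 'rejected: <reason>' so the outcome is inspectable."""
    try:
        hardened_install(url, expected_sha256, fetch)
        return "installed"
    except UntrustedCertificateError as exc:
        return f"rejected: {exc}"


def make_fetch(served: bytes) -> Callable[[str], bytes]:
    """Offline stand-in for an HTTP client: serves fixed bytes for any URL."""
    return lambda url: served


if __name__ == "__main__":
    pinned = fingerprint(SAMPLE_CA_DER)
    mitm = make_fetch(ATTACKER_CA_DER)  # attacker on the path substitutes their CA
    print("weak path trusted rogue CA:",
          weak_install("http://ca.example.test/ca.der", mitm) == ATTACKER_CA_DER)
    print(try_install("http://ca.example.test/ca.der", pinned, mitm))
    print(try_install("https://ca.example.test/ca.der", pinned, mitm))
    print(try_install("https://ca.example.test/ca.der", pinned,
                      make_fetch(SAMPLE_CA_DER)))
```

The `fetch` callable is injected so the example runs offline; swapping in `urllib.request.urlopen` keeps the two checks unchanged, and the scheme check is what would have stopped the plain-HTTP retrieval the description refers to.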
Metrics
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Reading the vector: attack vector adjacent (the attacker must sit on the same network segment to intercept or redirect the fetch), high attack complexity, no privileges or user interaction required, scope unchanged, high confidentiality and integrity impact, no availability impact. The base score computed from this vector is 6.8.
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Redhat | Openshift Container Platform | 4.0 |
| Samba | Samba | >= 4.16.0, < 4.21.0 |
| Redhat | Enterprise Linux | 7.0 |
| Redhat | Enterprise Linux | 9.0 |
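A version check against the Samba range in the table above, as an added example that is not part of this page or of any vendor tooling. It parses the upstream x.y.z version out of `smbd --version` output or an RPM package string (both sample strings are constructed) and reports whether it falls in [4.16.0, 4.21.0); the script name in the usage note is hypothetical.

```python
import re
import sys
from typing import Tuple

# Affected range taken from this page's table: Samba >= 4.16.0 and < 4.21.0.
AFFECTED_MIN: Tuple[int, int, int] = (4, 16, 0)
FIXED_FROM: Tuple[int, int, int] = (4, 21, 0)

# First x.y.z run in the text; trailing release tags (-102.el9_4, rc1) are ignored.
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")

# Constructed sample inputs in the shapes 'smbd --version' and 'rpm -q samba' produce.
SAMPLES = [
    "Version 4.19.5",
    "samba-4.19.4-102.el9_4.x86_64",
    "Version 4.21.0",
    "samba-4.15.13-1.x86_64",
]


def parse_samba_version(text: str) -> Tuple[int, int, int]:
    """Extract the upstream (major, minor, patch) tuple from a version string."""
    match = _VERSION_RE.search(text)
    if match is None:
        raise ValueError(f"no x.y.z version found in {text!r}")
    major, minor, patch = (int(part) for part in match.groups())
    return (major, minor, patch)


def in_affected_range(version: Tuple[int, int, int]) -> bool:
    """True when the version is inside the page's affected range."""
    return AFFECTED_MIN <= version < FIXED_FROM


def assess(text: str) -> str:
    """Human-readable verdict for one version string."""
    version = parse_samba_version(text)
    label = "affected" if in_affected_range(version) else "not in affected range"
    return f"{'.'.join(str(p) for p in version)}: {label}"


if __name__ == "__main__":
    # Pass real output on the command line, or run with no arguments for the samples.
    for line in (sys.argv[1:] or SAMPLES):
        print(assess(line))
```

Usage: `python3 check_samba_version.py "$(smbd --version)"`. The verdict applies to upstream version numbers only; distribution packages keep the upstream number while carrying backported fixes, so on Red Hat systems the errata listed under References, not the version string, determine whether the package is fixed.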
References
- https://access.redhat.com/errata/RHSA-2026:22644 (Issue Tracking)
- https://access.redhat.com/errata/RHSA-2026:22963 (Issue Tracking)
- https://access.redhat.com/security/cve/CVE-2026-3012 (Mitigation, Third Party Advisory)
- https://bugzilla.redhat.com/show_bug.cgi?id=2447319 (Issue Tracking, Third Party Advisory)
- https://bugzilla.samba.org/show_bug.cgi?id=16003 (Issue Tracking, Mitigation, Vendor Advisory)
Frequently Asked Questions
What is CVE-2026-3012?
A flaw in Samba's certificate auto-enrollment Group Policy handling. With auto-enrollment enabled, Samba may fetch a CA certificate over plain HTTP and install it into the local trust store without verifying it, so an attacker positioned on the network path can substitute a malicious CA certificate.
How severe is CVE-2026-3012?
CVSS v3.1 base score 6.8 (medium), vector AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N. EPSS estimates a 0.25% probability of exploitation in the next 30 days.
How do I fix CVE-2026-3012?
The affected-software table lists Samba from 4.16.0 up to, but not including, 4.21.0, so move to a release outside that range. On Red Hat Enterprise Linux and OpenShift Container Platform, apply the errata RHSA-2026:22644 and RHSA-2026:22963 listed under References. Because the behaviour only occurs when certificate auto-enrollment is enabled, disabling that policy removes the exposure until the fix is applied.
Are you affected by CVE-2026-3012?
Compare your Samba version against the affected-software table above; for vendor-packaged builds, check whether the vendor errata listed under References has been applied rather than relying on the version number alone.
Source: NVD / NIST
