CVE-2026-3012
Samba Certificate Auto-Enrollment HTTP Spoofing Flaw
Publication date: 2026-05-27
Last updated on: 2026-05-27
Assigner: Red Hat, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| samba | samba | * |
| samba | samba | to 2.11.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-345 | The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Samba's certificate auto-enrollment Group Policy handling. When auto-enrollment is enabled, Samba may download a certificate authority (CA) certificate over an unencrypted HTTP connection without properly verifying it.
An attacker who can intercept or redirect network traffic could exploit this flaw by supplying a malicious CA certificate. This could allow the attacker to intercept or spoof trusted communications.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability in Samba's certificate auto-enrollment process could undermine the security of trusted communications by allowing attackers to intercept or spoof certificates. Such a compromise of secure communications may lead to unauthorized access or data breaches.
As a result, organizations using affected Samba versions might face challenges in maintaining compliance with standards and regulations like GDPR and HIPAA, which require protecting data integrity and confidentiality during transmission.
Specifically, the risk of man-in-the-middle attacks due to improper certificate validation could violate requirements for secure data handling and encryption mandated by these regulations.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, it is important to disable certificate auto-enrollment over unencrypted HTTP connections in Samba's Group Policy handling.
Ensure that certificate retrieval uses secure, encrypted channels such as HTTPS to prevent interception or manipulation by attackers.
Apply any patches or updates provided by the Samba team addressing this issue as soon as they become available.
How can this vulnerability impact me? :
Exploitation of this vulnerability could lead to unauthorized access or man-in-the-middle attacks. An attacker could intercept or manipulate certificate enrollment traffic, potentially allowing them to impersonate trusted entities or decrypt sensitive communications.