MitM attack in Samba Rsync

Published: 2021-01-04
Risk Medium
Patch available NO
Number of vulnerabilities 1
CVE-ID CVE-2020-14387
Exploitation vector Network
Public exploit N/A
Vulnerable software
Server applications / Other server solutions

Vendor Samba

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Improper validation of certificate with host mismatch

EUVDB-ID: #VU49239

Risk: Medium


CVE-ID: CVE-2020-14387

CWE-ID: CWE-297 - Improper Validation of Certificate with Host Mismatch

Exploit availability: No


The vulnerability allows a remote attacker to perform a MitM attack.

The vulnerability exists because rsync, in openssl mode, does not verify that the hostname in the server certificate matches the host being connected to. A remote attacker can present any valid certificate issued for another hostname and intercept the traffic.
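
As an added illustration (not code from the advisory or from rsync itself), the check that is missing in the vulnerable configuration: a hostname-to-certificate match over the certificate's subjectAltName entries, run against constructed peer-certificate dictionaries in the shape Python's `getpeercert()` returns, plus a client context that shows the weak setting beside the corrected one. The certificate names and hosts are invented sample values.

```python
import ssl

# Constructed sample: a valid leaf certificate issued for a different host,
# the kind of certificate the advisory says an attacker can present.
OTHER_HOST_CERT = {
    "subject": ((("commonName", "files.example.net"),),),
    "subjectAltName": (("DNS", "files.example.net"), ("DNS", "*.cdn.example.net")),
}
# Constructed sample: the certificate the client should actually accept.
EXPECTED_CERT = {
    "subject": ((("commonName", "rsync.example.org"),),),
    "subjectAltName": (("DNS", "rsync.example.org"),),
}


def hostname_matches(cert: dict, hostname: str) -> bool:
    """RFC 6125 style match over SAN dNSName entries only (no CN fallback).

    A chain that validates but whose names do not contain `hostname` is
    exactly the CWE-297 case: trusted issuer, wrong host.
    """
    names = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    host = hostname.lower().rstrip(".")
    for name in names:
        name = name.lower().rstrip(".")
        if name == host:
            return True
        # One wildcard, only as the whole leftmost label, and it must not
        # swallow a registrable domain (at least two labels to its right).
        if name.startswith("*.") and "*" not in name[2:]:
            suffix = name[1:]  # e.g. ".cdn.example.net"
            if host.endswith(suffix) and suffix.count(".") >= 2:
                left = host[: -len(suffix)]
                if left and "." not in left:
                    return True
    return False


def client_context(verify_hostname: bool) -> ssl.SSLContext:
    """Client context: chain verification is always on.

    verify_hostname=False reproduces the weak behaviour described above
    (chain checked, peer name not); True is the corrected setting.
    """
    ctx = ssl.create_default_context()
    ctx.check_hostname = verify_hostname
    return ctx
```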


Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Rsync: 3.2.0 - 3.2.3pre1

CPE2.3

External links

;a=commitdiff;h=c3f7414c450faaf6a8281cc4a4403529aeb7d859
