Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-45141 (GCVE-0-2022-45141)
Vulnerability from cvelistv5 – Published: 2023-03-06 00:00 – Updated: 2025-03-06 20:38
VLAI?
EPSS
Summary
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96).
Severity ?
9.8 (Critical)
CWE
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:09:56.405Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.samba.org/samba/security/CVE-2022-45141.html"
},
{
"name": "GLSA-202309-06",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202309-06"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-45141",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T20:38:03.461852Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-326",
"description": "CWE-326 Inadequate Encryption Strength",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T20:38:07.059Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Samba",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in samba 4.15.13, samba 4.16.8, samba 4.15.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96)."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-328",
"description": "CWE-328",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-17T08:06:25.974Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://www.samba.org/samba/security/CVE-2022-45141.html"
},
{
"name": "GLSA-202309-06",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202309-06"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2022-45141",
"datePublished": "2023-03-06T00:00:00.000Z",
"dateReserved": "2022-11-10T00:00:00.000Z",
"dateUpdated": "2025-03-06T20:38:07.059Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2022-45141\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2023-03-06T23:15:11.157\",\"lastModified\":\"2025-03-06T21:15:12.980\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96).\"},{\"lang\":\"es\",\"value\":\"Dado que la vulnerabilidad de elevaci\u00f3n de privilegios de Windows Kerberos RC4-HMAC fue revelada por Microsoft el 8 de noviembre de 2022 y seg\u00fan RFC8429 se asume que rc4-hmac es d\u00e9bil, los DC de Directorio Activo Samba vulnerables emitir\u00e1n tickets cifrados rc4-hmac a pesar de que el servidor de destino admita un cifrado mejor (por ejemplo, aes256-cts-hmac-sha1-96).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-328\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-326\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-326\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.15.13\",\"matchCriteriaId\":\"703773B3-EE5B-41F5-A2D9-B56F96B8793D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.16.0\",\"versionEndExcluding\":\"4.16.8\",\"matchCriteriaId\":\"10AA6759-95FC-47A6-AA92-342893A2B23E\"}]}]}],\"references\":[{\"url\":\"https://security.gentoo.org/glsa/202309-06\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.samba.org/samba/security/CVE-2022-45141.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202309-06\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.samba.org/samba/security/CVE-2022-45141.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"cna\": {\"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2023-09-17T08:06:25.974Z\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96).\"}], \"affected\": [{\"vendor\": \"n/a\", \"product\": \"Samba\", \"versions\": [{\"version\": \"Fixed in samba 4.15.13, samba 4.16.8, samba 4.15.13\", \"status\": \"affected\"}]}], \"references\": [{\"url\": \"https://www.samba.org/samba/security/CVE-2022-45141.html\"}, {\"name\": \"GLSA-202309-06\", \"tags\": [\"vendor-advisory\"], \"url\": \"https://security.gentoo.org/glsa/202309-06\"}], \"problemTypes\": [{\"descriptions\": [{\"type\": \"CWE\", \"lang\": \"en\", \"description\": \"CWE-328\", \"cweId\": \"CWE-328\"}]}]}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T14:09:56.405Z\"}, \"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.samba.org/samba/security/CVE-2022-45141.html\", \"tags\": [\"x_transferred\"]}, {\"name\": \"GLSA-202309-06\", \"tags\": [\"vendor-advisory\", \"x_transferred\"], \"url\": \"https://security.gentoo.org/glsa/202309-06\"}]}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-45141\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-03-06T20:38:03.461852Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-326\", \"description\": \"CWE-326 Inadequate Encryption Strength\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-03-06T20:37:57.815Z\"}}]}",
"cveMetadata": "{\"state\": \"PUBLISHED\", \"cveId\": \"CVE-2022-45141\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"assignerShortName\": \"redhat\", \"dateUpdated\": \"2025-03-06T20:38:07.059Z\", \"dateReserved\": \"2022-11-10T00:00:00.000Z\", \"datePublished\": \"2023-03-06T00:00:00.000Z\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2022-AVI-1112
Vulnerability from certfr_avis - Published: 2022-12-16 - Updated: 2022-12-16
De multiples vulnérabilités ont été découvertes dans Samba. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Samba versions 4.17.x ant\u00e9rieures \u00e0 4.17.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Samba",
"scada": false
}
}
},
{
"description": "Samba versions 4.16.x ant\u00e9rieures \u00e0 4.16.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Samba",
"scada": false
}
}
},
{
"description": "Samba versions ant\u00e9rieures \u00e0 4.15.13",
"product": {
"name": "N/A",
"vendor": {
"name": "Samba",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37967"
},
{
"name": "CVE-2022-38023",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38023"
},
{
"name": "CVE-2022-45141",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45141"
},
{
"name": "CVE-2022-37966",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37966"
}
],
"initial_release_date": "2022-12-16T00:00:00",
"last_revision_date": "2022-12-16T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-1112",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-12-16T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Samba. Elles\npermettent \u00e0 un attaquant de provoquer un contournement de la politique\nde s\u00e9curit\u00e9 et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Samba",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Samba CVE-2022-45141 du 15 d\u00e9cembre 2022",
"url": "https://www.samba.org/samba/security/CVE-2022-45141.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Samba CVE-2022-38023 du 15 d\u00e9cembre 2022",
"url": "https://www.samba.org/samba/security/CVE-2022-38023.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Samba CVE-2022-37967 du 15 d\u00e9cembre 2022",
"url": "https://www.samba.org/samba/security/CVE-2022-37967.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Samba CVE-2022-37966 du 15 d\u00e9cembre 2022",
"url": "https://www.samba.org/samba/security/CVE-2022-37966.html"
}
]
}
CERTFR-2023-AVI-0417
Vulnerability from certfr_avis - Published: 2023-05-30 - Updated: 2023-05-30
De multiples vulnérabilités ont été découvertes dans les produits Synology. Elles permettent à un attaquant de provoquer un déni de service à distance et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SMB Service pour DSM versions ant\u00e9rieures \u00e0 7.2 sans le correctif de s\u00e9curit\u00e9 4.15.13-0781",
"product": {
"name": "DSM",
"vendor": {
"name": "Synology",
"scada": false
}
}
},
{
"description": "DSM version 6.2",
"product": {
"name": "DSM",
"vendor": {
"name": "Synology",
"scada": false
}
}
},
{
"description": "Synology Directory Server pour DSM versions ant\u00e9rieures \u00e0 7.2 sans le correctif de s\u00e9curit\u00e9 4.15.13-0615",
"product": {
"name": "DSM",
"vendor": {
"name": "Synology",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-3437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3437"
},
{
"name": "CVE-2022-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37967"
},
{
"name": "CVE-2022-38023",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38023"
},
{
"name": "CVE-2022-45141",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45141"
},
{
"name": "CVE-2022-37966",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37966"
}
],
"initial_release_date": "2023-05-30T00:00:00",
"last_revision_date": "2023-05-30T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Synology\u00a0Synology_SA_22_20 du 27 octobre 2022",
"url": "https://www.synology.com/fr-fr/security/advisory/Synology_SA_22_20"
}
],
"reference": "CERTFR-2023-AVI-0417",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-05-30T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits \u003cspan\nclass=\"textit\"\u003eSynology\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un d\u00e9ni de service \u00e0 distance et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Synology",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Synology Synology_SA_22_20 du 27 octobre 2022",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Synology Synology_SA_22_24 du 19 d\u00e9cembre 2022",
"url": "https://www.synology.com/fr-fr/security/advisory/Synology_SA_22_24"
}
]
}
GSD-2022-45141
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96).
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-45141",
"description": "Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96).",
"id": "GSD-2022-45141",
"references": [
"https://www.suse.com/security/cve/CVE-2022-45141.html",
"https://security.archlinux.org/CVE-2022-45141",
"https://advisories.mageia.org/CVE-2022-45141.html",
"https://ubuntu.com/security/CVE-2022-45141"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-45141"
],
"details": "Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96).",
"id": "GSD-2022-45141",
"modified": "2023-12-13T01:19:24.797050Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2022-45141",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Samba",
"version": {
"version_data": [
{
"version_value": "Fixed in samba 4.15.13, samba 4.16.8, samba 4.15.13"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-328"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.samba.org/samba/security/CVE-2022-45141.html",
"refsource": "MISC",
"url": "https://www.samba.org/samba/security/CVE-2022-45141.html"
},
{
"name": "GLSA-202309-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202309-06"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.16.8",
"versionStartIncluding": "4.16.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.15.13",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2022-45141"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-326"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.samba.org/samba/security/CVE-2022-45141.html",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://www.samba.org/samba/security/CVE-2022-45141.html"
},
{
"name": "GLSA-202309-06",
"refsource": "GENTOO",
"tags": [],
"url": "https://security.gentoo.org/glsa/202309-06"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2023-09-17T09:15Z",
"publishedDate": "2023-03-06T23:15Z"
}
}
}
WID-SEC-W-2022-2365
Vulnerability from csaf_certbund - Published: 2022-12-18 23:00 - Updated: 2025-06-29 22:00Summary
Samba: Mehrere Schwachstellen ermöglichen Privilegieneskalation
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Samba ist eine Open Source Software Suite, die Druck- und Dateidienste für SMB/CIFS Clients implementiert.
DiskStation Manager (DSM) ist ein webbasiertes Betriebssystem für Synology NAS-Geräte.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Samba ausnutzen, um seine Privilegien zu erhöhen.
Betroffene Betriebssysteme: - BIOS/Firmware
- Hardware Appliance
- Linux
- Sonstiges
- UNIX
References
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Samba ist eine Open Source Software Suite, die Druck- und Dateidienste f\u00fcr SMB/CIFS Clients implementiert.\r\nDiskStation Manager (DSM) ist ein webbasiertes Betriebssystem f\u00fcr Synology NAS-Ger\u00e4te.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Samba ausnutzen, um seine Privilegien zu erh\u00f6hen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- BIOS/Firmware\n- Hardware Appliance\n- Linux\n- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-2365 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2365.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-2365 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2365"
},
{
"category": "external",
"summary": "Samba Releases Security Updates vom 2022-12-18",
"url": "https://us-cert.cisa.gov/ncas/current-activity/2022/12/16/samba-releases-security-updates"
},
{
"category": "external",
"summary": "Samba Security Announcement vom 2022-12-18",
"url": "https://www.samba.org/samba/security/CVE-2022-38023.html"
},
{
"category": "external",
"summary": "Samba Security Announcement vom 2022-12-18",
"url": "https://www.samba.org/samba/security/CVE-2022-37966.html"
},
{
"category": "external",
"summary": "Samba Security Announcement vom 2022-12-18",
"url": "https://www.samba.org/samba/security/CVE-2022-37967.html"
},
{
"category": "external",
"summary": "Samba Security Announcement vom 2022-12-18",
"url": "https://www.samba.org/samba/security/CVE-2022-45141.html"
},
{
"category": "external",
"summary": "Synology Security Advisory vom 2022-12-18",
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_22_24"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:0014-1 vom 2023-01-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013414.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:0081-1 vom 2023-01-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013465.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:0122-1 vom 2023-01-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013509.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:0126-1 vom 2023-01-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013514.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5822-1 vom 2023-01-24",
"url": "https://ubuntu.com/security/notices/USN-5822-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5822-2 vom 2023-01-27",
"url": "https://ubuntu.com/security/notices/USN-5822-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:0163-1 vom 2023-01-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013539.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:0160-1 vom 2023-01-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013535.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:0164-1 vom 2023-01-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013544.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:0162-1 vom 2023-01-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013547.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:0222-1 vom 2023-02-01",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013609.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0637 vom 2023-02-08",
"url": "https://access.redhat.com/errata/RHSA-2023:0637"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0638 vom 2023-02-08",
"url": "https://access.redhat.com/errata/RHSA-2023:0638"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0639 vom 2023-02-08",
"url": "https://access.redhat.com/errata/RHSA-2023:0639"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0698 vom 2023-02-15",
"url": "https://access.redhat.com/errata/RHSA-2023:0698"
},
{
"category": "external",
"summary": "Release Notes for Samba 4.16.9 vom 2023-02-16",
"url": "https://www.samba.org/samba/history/samba-4.16.9.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0838 vom 2023-02-21",
"url": "https://access.redhat.com/errata/RHSA-2023:0838"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-0838 vom 2023-02-22",
"url": "http://linux.oracle.com/errata/ELSA-2023-0838.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:0620-1 vom 2023-03-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-March/013975.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1090 vom 2023-03-07",
"url": "https://access.redhat.com/errata/RHSA-2023:1090"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-1090 vom 2023-03-08",
"url": "http://linux.oracle.com/errata/ELSA-2023-1090.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-1090 vom 2023-03-08",
"url": "https://linux.oracle.com/errata/ELSA-2023-1090.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5936-1 vom 2023-03-08",
"url": "https://ubuntu.com/security/notices/USN-5936-1"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2023:1090 vom 2023-03-08",
"url": "https://lists.centos.org/pipermail/centos-announce/2023-March/086380.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:2137 vom 2023-05-05",
"url": "https://access.redhat.com/errata/RHSA-2023:2137"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:2127 vom 2023-05-04",
"url": "https://access.redhat.com/errata/RHSA-2023:2127"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:2136 vom 2023-05-05",
"url": "https://access.redhat.com/errata/RHSA-2023:2136"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-2127 vom 2023-05-05",
"url": "https://linux.oracle.com/errata/ELSA-2023-2127.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:2570 vom 2023-05-09",
"url": "https://access.redhat.com/errata/RHSA-2023:2570"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2023-2042 vom 2023-05-17",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2023-2042.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2023-1747 vom 2023-05-24",
"url": "https://alas.aws.amazon.com/ALAS-2023-1747.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3491 vom 2023-06-06",
"url": "https://access.redhat.com/errata/RHSA-2023:3491"
},
{
"category": "external",
"summary": "QNAP Security Advisory QSA-23-05 vom 2023-06-14",
"url": "https://www.qnap.com/de-de/security-advisory/QSA-23-05"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7010099 vom 2023-07-06",
"url": "https://www.ibm.com/support/pages/node/7010099"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202309-06 vom 2023-09-17",
"url": "https://security.gentoo.org/glsa/202309-06"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-7139 vom 2023-11-21",
"url": "https://linux.oracle.com/errata/ELSA-2023-7139.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0252 vom 2024-01-16",
"url": "https://access.redhat.com/errata/RHSA-2024:0252"
},
{
"category": "external",
"summary": "HPE Security Bulletin vom 2024-10-25",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbux04724en_us\u0026docLocale=en_US"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7582-1 vom 2025-06-19",
"url": "https://ubuntu.com/security/notices/USN-7582-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7582-2 vom 2025-06-30",
"url": "https://ubuntu.com/security/notices/USN-7582-2"
}
],
"source_lang": "en-US",
"title": "Samba: Mehrere Schwachstellen erm\u00f6glichen Privilegieneskalation",
"tracking": {
"current_release_date": "2025-06-29T22:00:00.000+00:00",
"generator": {
"date": "2025-06-30T09:30:20.019+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2022-2365",
"initial_release_date": "2022-12-18T23:00:00.000+00:00",
"revision_history": [
{
"date": "2022-12-18T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-01-02T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-01-12T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-01-23T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-01-24T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE und Ubuntu aufgenommen"
},
{
"date": "2023-01-26T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2023-02-01T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-02-07T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-02-15T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-02-16T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2023-02-21T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-02-22T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2023-03-06T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-03-07T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2023-03-08T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Ubuntu und CentOS aufgenommen"
},
{
"date": "2023-05-04T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2023-05-09T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-05-16T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-05-23T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-06-06T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-06-14T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von QNAP aufgenommen"
},
{
"date": "2023-07-06T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-09-17T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2023-11-21T23:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-01-15T23:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-27T23:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von HP aufgenommen"
},
{
"date": "2025-06-19T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-06-29T22:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von Ubuntu aufgenommen"
}
],
"status": "final",
"version": "28"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "(CIFS) Client/Server \u003cB.04.18.01.00",
"product": {
"name": "HPE HP-UX (CIFS) Client/Server \u003cB.04.18.01.00",
"product_id": "T038611"
}
},
{
"category": "product_version",
"name": "(CIFS) Client/Server B.04.18.01.00",
"product": {
"name": "HPE HP-UX (CIFS) Client/Server B.04.18.01.00",
"product_id": "T038611-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:hp:hp-ux:%28cifs%29_clientserver__b.04.18.01.00"
}
}
}
],
"category": "product_name",
"name": "HP-UX"
}
],
"category": "vendor",
"name": "HPE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7.5",
"product": {
"name": "IBM QRadar SIEM 7.5",
"product_id": "T022954",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source CentOS",
"product": {
"name": "Open Source CentOS",
"product_id": "1727",
"product_identification_helper": {
"cpe": "cpe:/o:centos:centos:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.17.4",
"product": {
"name": "Open Source Samba \u003c4.17.4",
"product_id": "T025619"
}
},
{
"category": "product_version",
"name": "4.17.4",
"product": {
"name": "Open Source Samba 4.17.4",
"product_id": "T025619-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:samba:samba:4.17.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c4.15.13",
"product": {
"name": "Open Source Samba \u003c4.15.13",
"product_id": "T025644"
}
},
{
"category": "product_version",
"name": "4.15.13",
"product": {
"name": "Open Source Samba 4.15.13",
"product_id": "T025644-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:samba:samba:4.15.13"
}
}
},
{
"category": "product_version_range",
"name": "\u003c4.16.8",
"product": {
"name": "Open Source Samba \u003c4.16.8",
"product_id": "T025645"
}
},
{
"category": "product_version",
"name": "4.16.8",
"product": {
"name": "Open Source Samba 4.16.8",
"product_id": "T025645-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:samba:samba:4.16.8"
}
}
},
{
"category": "product_version_range",
"name": "\u003c4.16.9",
"product": {
"name": "Open Source Samba \u003c4.16.9",
"product_id": "T026404"
}
},
{
"category": "product_version",
"name": "4.16.9",
"product": {
"name": "Open Source Samba 4.16.9",
"product_id": "T026404-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:samba:samba:4.16.9"
}
}
}
],
"category": "product_name",
"name": "Samba"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "QNAP NAS",
"product": {
"name": "QNAP NAS",
"product_id": "T017100",
"product_identification_helper": {
"cpe": "cpe:/h:qnap:nas:-"
}
}
}
],
"category": "vendor",
"name": "QNAP"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Container Platform",
"product": {
"name": "Red Hat OpenShift Container Platform",
"product_id": "T025202",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "Directory Server",
"product": {
"name": "Synology DiskStation Manager Directory Server",
"product_id": "T025650",
"product_identification_helper": {
"cpe": "cpe:/a:synology:diskstation_manager:::directory_server"
}
}
}
],
"category": "product_name",
"name": "DiskStation Manager"
}
],
"category": "vendor",
"name": "Synology"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-37966",
"product_status": {
"known_affected": [
"67646",
"T038611",
"T012167",
"T004914",
"T017100",
"T022954",
"T025619",
"T002207",
"T026404",
"T025645",
"T000126",
"T025202",
"398363",
"T025644",
"1727",
"T025650"
]
},
"release_date": "2022-12-18T23:00:00.000+00:00",
"title": "CVE-2022-37966"
},
{
"cve": "CVE-2022-37967",
"product_status": {
"known_affected": [
"67646",
"T038611",
"T012167",
"T004914",
"T017100",
"T022954",
"T025619",
"T002207",
"T026404",
"T025645",
"T000126",
"T025202",
"398363",
"T025644",
"1727",
"T025650"
]
},
"release_date": "2022-12-18T23:00:00.000+00:00",
"title": "CVE-2022-37967"
},
{
"cve": "CVE-2022-38023",
"product_status": {
"known_affected": [
"67646",
"T038611",
"T012167",
"T004914",
"T017100",
"T022954",
"T025619",
"T002207",
"T026404",
"T025645",
"T000126",
"T025202",
"398363",
"T025644",
"1727",
"T025650"
]
},
"release_date": "2022-12-18T23:00:00.000+00:00",
"title": "CVE-2022-38023"
},
{
"cve": "CVE-2022-45141",
"product_status": {
"known_affected": [
"67646",
"T038611",
"T012167",
"T004914",
"T017100",
"T022954",
"T025619",
"T002207",
"T026404",
"T025645",
"T000126",
"T025202",
"398363",
"T025644",
"1727",
"T025650"
]
},
"release_date": "2022-12-18T23:00:00.000+00:00",
"title": "CVE-2022-45141"
}
]
}
FKIE_CVE-2022-45141
Vulnerability from fkie_nvd - Published: 2023-03-06 23:15 - Updated: 2025-03-06 21:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96).
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | https://security.gentoo.org/glsa/202309-06 | ||
| secalert@redhat.com | https://www.samba.org/samba/security/CVE-2022-45141.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202309-06 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.samba.org/samba/security/CVE-2022-45141.html | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*",
"matchCriteriaId": "703773B3-EE5B-41F5-A2D9-B56F96B8793D",
"versionEndExcluding": "4.15.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10AA6759-95FC-47A6-AA92-342893A2B23E",
"versionEndExcluding": "4.16.8",
"versionStartIncluding": "4.16.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96)."
},
{
"lang": "es",
"value": "Dado que la vulnerabilidad de elevaci\u00f3n de privilegios de Windows Kerberos RC4-HMAC fue revelada por Microsoft el 8 de noviembre de 2022 y seg\u00fan RFC8429 se asume que rc4-hmac es d\u00e9bil, los DC de Directorio Activo Samba vulnerables emitir\u00e1n tickets cifrados rc4-hmac a pesar de que el servidor de destino admita un cifrado mejor (por ejemplo, aes256-cts-hmac-sha1-96)."
}
],
"id": "CVE-2022-45141",
"lastModified": "2025-03-06T21:15:12.980",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-03-06T23:15:11.157",
"references": [
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/202309-06"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.samba.org/samba/security/CVE-2022-45141.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/202309-06"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.samba.org/samba/security/CVE-2022-45141.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-328"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-326"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-326"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
BDU:2023-00022
Vulnerability from fstec - Published: 08.11.2022
VLAI Severity ?
Title
Уязвимость реализации протокола Heimdal Kerberos пакета программ сетевого взаимодействия Samba, позволяющая нарушителю выполнить произвольный код
Description
Уязвимость реализации протокола Heimdal Kerberos пакета программ сетевого взаимодействия Samba связана с использованием криптографического алгоритма RC4-HMAC. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить произвольный код
Severity ?
Vendor
ООО «РусБИТех-Астра», АО «ИВК», Samba Team, АО «НТЦ ИТ РОСА», АО "НППКТ"
Software Name
Astra Linux Special Edition (запись в едином реестре российских программ №369), Astra Linux Special Edition для «Эльбрус» (запись в едином реестре российских программ №11156), Альт 8 СП (запись в едином реестре российских программ №4305), Samba, ROSA Virtualization (запись в едином реестре российских программ №5091), ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913)
Software Version
1.6 «Смоленск» (Astra Linux Special Edition), 8.1 «Ленинград» (Astra Linux Special Edition для «Эльбрус»), 1.7 (Astra Linux Special Edition), - (Альт 8 СП), 4.7 (Astra Linux Special Edition), до 4.15.13 (Samba), от 4.16 до 4.16.8 (Samba), от 4.17 до 4.17.4 (Samba), 2.1 (ROSA Virtualization), до 2.10 (ОСОН ОСнова Оnyx)
Possible Mitigations
Использование рекомендаций:
https://www.samba.org/samba/security/CVE-2022-45141.html
Для Astra Linux 1.6 «Смоленск»:
обновить пакет samba до 2:4.9.5+dfsg-5+deb10u4astra.se7 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20231214SE16
Для ОСОН ОСнова Оnyx (версия 2.10):
Обновление программного обеспечения samba до версии 2:4.15.13+repack-osnova4
Для ОС Astra Linux:
обновить пакет samba до 2:4.17.12+dfsg-0+deb12u1~bpo11+1astra3 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17
Для Astra Linux Special Edition 4.7 для архитектуры ARM:
обновить пакет samba до 2:4.17.12+dfsg-0+deb12u1~bpo11+1astra3 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47
Для ОС Альт 8 СП: установка обновления из публичного репозитория программного средства
Для ОС Astra Linux:
обновить пакет samba до 2:4.9.5+dfsg-5+deb10u4astra.se7 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se81-bulletin-20241206SE81
Для системы управления средой виртуализации «ROSA Virtualization»: https://abf.rosa.ru/advisories/ROSA-SA-2024-2451
Reference
https://www.samba.org/samba/security/CVE-2022-45141.html
https://www.samba.org/samba/history/security.html
https://vuldb.com/?id.216219
https://bugzilla.redhat.com/show_bug.cgi?id=2154376
https://access.redhat.com/security/cve/cve-2022-45141
https://wiki.astralinux.ru/astra-linux-se16-bulletin-20231214SE16
https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.10/
https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17
https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47
https://altsp.su/obnovleniya-bezopasnosti/
https://wiki.astralinux.ru/astra-linux-se81-bulletin-20241206SE81
https://abf.rosa.ru/advisories/ROSA-SA-2024-2451
CWE
CWE-326, CWE-327, CWE-328
{
"CVSS 2.0": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"CVSS 3.0": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb, Samba Team, \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb, \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\"",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb (Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb), 1.7 (Astra Linux Special Edition), - (\u0410\u043b\u044c\u0442 8 \u0421\u041f), 4.7 (Astra Linux Special Edition), \u0434\u043e 4.15.13 (Samba), \u043e\u0442 4.16 \u0434\u043e 4.16.8 (Samba), \u043e\u0442 4.17 \u0434\u043e 4.17.4 (Samba), 2.1 (ROSA Virtualization), \u0434\u043e 2.10 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://www.samba.org/samba/security/CVE-2022-45141.html\n\n\u0414\u043b\u044f Astra Linux 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 samba \u0434\u043e 2:4.9.5+dfsg-5+deb10u4astra.se7 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20231214SE16\n\n\u0414\u043b\u044f \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0432\u0435\u0440\u0441\u0438\u044f 2.10):\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f samba \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 2:4.15.13+repack-osnova4\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 samba \u0434\u043e 2:4.17.12+dfsg-0+deb12u1~bpo11+1astra3 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17\n\n\u0414\u043b\u044f Astra Linux Special Edition 4.7 \u0434\u043b\u044f \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b ARM:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 samba \u0434\u043e 2:4.17.12+dfsg-0+deb12u1~bpo11+1astra3 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u043b\u044c\u0442 8 \u0421\u041f: \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 samba \u0434\u043e 2:4.9.5+dfsg-5+deb10u4astra.se7 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se81-bulletin-20241206SE81\n\n\u0414\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0440\u0435\u0434\u043e\u0439 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u00abROSA Virtualization\u00bb: https://abf.rosa.ru/advisories/ROSA-SA-2024-2451",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "08.11.2022",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "05.03.2025",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "04.01.2023",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2023-00022",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2022-45141",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), \u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), Samba, ROSA Virtualization (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165091), \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u043b\u044c\u0442 8 \u0421\u041f - (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7 ARM (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb ROSA Virtualization 2.1 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165091), \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\" \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx \u0434\u043e 2.10 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 Heimdal Kerberos \u043f\u0430\u043a\u0435\u0442\u0430 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f Samba, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0421\u043b\u0430\u0431\u043e\u0435 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435 (CWE-326), \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c\u043e\u0432, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0445 \u0434\u0435\u0444\u0435\u043a\u0442\u044b \u0438\u043b\u0438 \u0440\u0438\u0441\u043a\u0438 (CWE-327), \u041e\u0431\u0440\u0430\u0442\u0438\u043c\u0430\u044f \u043e\u0434\u043d\u043e\u0441\u0442\u043e\u0440\u043e\u043d\u043d\u044f\u044f \u0445\u044d\u0448-\u0444\u0443\u043d\u043a\u0446\u0438\u044f (CWE-328)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 Heimdal Kerberos \u043f\u0430\u043a\u0435\u0442\u0430 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f Samba \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c\u0430 RC4-HMAC. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://www.samba.org/samba/security/CVE-2022-45141.html\nhttps://www.samba.org/samba/history/security.html\nhttps://vuldb.com/?id.216219\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2154376\nhttps://access.redhat.com/security/cve/cve-2022-45141\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20231214SE16\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.10/\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47\nhttps://altsp.su/obnovleniya-bezopasnosti/\nhttps://wiki.astralinux.ru/astra-linux-se81-bulletin-20241206SE81\nhttps://abf.rosa.ru/advisories/ROSA-SA-2024-2451",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-326, CWE-327, CWE-328",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,6)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,1)"
}
MSRC_CVE-2022-45141
Vulnerability from csaf_microsoft - Published: 2023-03-10 00:00 - Updated: 2024-10-15 00:00Summary
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96).
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
9.8 (Critical)
Vendor Fix
4.18.3-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade
https://learn.microsoft.com/en-us/azure/azure-lin…
References
| URL | Category | |
|---|---|---|
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2022-45141 Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96). - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2023/msrc_cve-2022-45141.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96).",
"tracking": {
"current_release_date": "2024-10-15T00:00:00.000Z",
"generator": {
"date": "2025-12-27T17:04:43.542Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2022-45141",
"initial_release_date": "2023-03-10T00:00:00.000Z",
"revision_history": [
{
"date": "2024-10-15T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 samba 4.18.3-1",
"product": {
"name": "\u003cazl3 samba 4.18.3-1",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "azl3 samba 4.18.3-1",
"product": {
"name": "azl3 samba 4.18.3-1",
"product_id": "16864"
}
}
],
"category": "product_name",
"name": "samba"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 samba 4.18.3-1 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 samba 4.18.3-1 as a component of Azure Linux 3.0",
"product_id": "16864-17084"
},
"product_reference": "16864",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-45141",
"cwe": {
"id": "CWE-326",
"name": "Inadequate Encryption Strength"
},
"notes": [
{
"category": "general",
"text": "redhat",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"16864-17084"
],
"known_affected": [
"17084-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-45141 Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96). - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2023/msrc_cve-2022-45141.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-15T00:00:00.000Z",
"details": "4.18.3-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"17084-1"
]
}
],
"title": "Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96)."
}
]
}
GHSA-G5HG-3X62-V52F
Vulnerability from github – Published: 2023-03-07 00:30 – Updated: 2023-03-13 18:30
VLAI?
Details
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96).
Severity ?
9.8 (Critical)
{
"affected": [],
"aliases": [
"CVE-2022-45141"
],
"database_specific": {
"cwe_ids": [
"CWE-326",
"CWE-327",
"CWE-328"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-03-06T23:15:00Z",
"severity": "CRITICAL"
},
"details": "Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96).",
"id": "GHSA-g5hg-3x62-v52f",
"modified": "2023-03-13T18:30:41Z",
"published": "2023-03-07T00:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45141"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202309-06"
},
{
"type": "WEB",
"url": "https://www.samba.org/samba/security/CVE-2022-45141.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Show additional events:
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…