Severity Rating: HIGH

Software Affected

Samba versions prior to 4.15.13

Samba versions prior to 4.16.8

Samba versions prior to 4.17.4

Overview

Multiple vulnerabilities have been reported in Samba which could allow an attacker to gain elevated privileges or bypass security restrictions on the targeted system.

Description

1. Multiple Privilege Elevation Vulnerabilities ( CVE-2022-38023   CVE-2022-37967   CVE-2022-37967   )

These vulnerabilities exist in Samba due to a weak RC4-HMAC Kerberos encryption type in the Netlogon Secure Channel, a weak Windows Kerberos RC4-HMAC component and a weak Kerberos component. A remote attacker could exploit these vulnerabilities by sending a specially crafted data to the affected system.

Successful exploitation of these vulnerabilities could allow the attacker to gain elevated privileges on the target system. This could also lead to gaining of administrative privileges for further attacks.

2. Security Bypass Vulnerability ( CVE-2022-45141   )

This vulnerability exists in Samba Active Directory Domain Controller (AC DC) using Heimdal due to a coding error. An attacker could exploit this vulnerability by sending specially crafted data to the affected system.

Successful exploitation of this vulnerability could allow the attacker to bypass security restrictions and select the encryption type to issue RC4-HMAC encrypted tickets for conducting further attacks.

Solution

Apply appropriate software updates as mentioned in the Samba Security Releases:

Vendor Information

Samba

References

Samba

CVE Name

CVE-2022-38023

CVE-2022-37967

CVE-2022-37967

CVE-2022-45141