- 166/2022
- High
Samba has released a security update to address multiple vulnerabilities in the software affecting several versions. The remote attacker could exploit this vulnerability to bypass security, obtain information, cause a denial of service and gain privileges on the system.
All versions of Samba are affected by CVE-2022-3274, Samba 4.3, and later is affected by CVE-2022-32744. Samba 4.16, 4.15.2, 4.14.10, 4.13.14, and later affected by CVE-2022-32745. All versions of Samba prior to 4.16.4 are affected by CVE-2022-32746. All versions of Samba prior to 4.16.4 is affected by CVE-2022- 2031.
Sample of addressed vulnerabilities:
Samba Security Bypass (CVE-2022-32744):
Samba could allow the remote authenticated attacker to bypass security restrictions, caused by a flaw in the kpasswd service. The attacker could exploit this vulnerability to change the password of the administrator account and gain total control over the domain by sending a specially-crafted ticket.
- CVSS: 8.8
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Consequences: Bypass Security
Vulnerabilities
- CVE-2022-32742
- CVE-2022-32744
- CVE-2022-32745
- CVE-2022-32745
- CVE-2022-2031
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.