Account Misconfiguration in Samba Affecting Key Distribution Center Services
CVE-2022-2031

8.8HIGH

Key Information:

Vendor: Samba
Status: Samba
Vendor: CVE Published:; 25 August 2022

What is CVE-2022-2031?

A security flaw in Samba occurs when the Key Distribution Center (KDC) and the kpasswd service operate under a shared account and set of keys. This misconfiguration allows a malicious user, specifically one who has been prompted to change their password, to manipulate the system and leverage the deceptive capability to decrypt tickets issued for other services. As a result, the attacker could gain unauthorized access to sensitive resources and perform actions under the guise of legitimate credentials.

Affected Version(s)

samba Versions prior to samba 4.16.4, samba 4.15.9, samba 4.14.14

References

https://www.samba.org/samba/security/CVE-2022-2031.html

https://security.gentoo.org/glsa/202309-06

vendor-advisory

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 25, 2022
Vulnerability Reserved
Jun 8, 2022