Elevation of Privilege Vulnerability in Samba Active Directory
CVE-2022-45141
9.8 CRITICAL
What is CVE-2022-45141?
Samba Active Directory domain controllers are susceptible to an elevation of privilege vulnerability due to the use of the rc4-hmac encryption algorithm. Even when better encryption options such as aes256-cts-hmac-sha1-96 are available, vulnerable Samba DCs can issue rc4-hmac encrypted tickets. RFC 8429 deprecates rc4-hmac as weak encryption, so its continued use presents a risk of unauthorized access and exploitation. Organizations must assess their systems to mitigate associated risks.
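One way to check whether a client is still receiving rc4-hmac tickets is to audit the encryption types reported by `klist -e`. The script below is an added example, not code from this page or from the Samba project; it assumes the MIT Kerberos `klist -e` output layout, the sample cache listing is constructed, and the function names are hypothetical.

```python
import re

# Names under which klist reports RC4 (Kerberos etype 23).
# Newer MIT releases prefix the name with "DEPRECATED:".
RC4_NAMES = {"rc4-hmac", "arcfour-hmac", "arcfour-hmac-md5"}

# Constructed sample in the layout of MIT `klist -e`; not captured from a real host.
SAMPLE = """\
Ticket cache: FILE:/tmp/krb5cc_1000
Default principal: alice@EXAMPLE.TEST

Valid starting       Expires              Service principal
01/10/2023 09:00:00  01/10/2023 19:00:00  krbtgt/EXAMPLE.TEST@EXAMPLE.TEST
\trenew until 01/17/2023 09:00:00, Etype (skey, tkt): aes256-cts-hmac-sha1-96, aes256-cts-hmac-sha1-96
01/10/2023 09:01:12  01/10/2023 19:00:00  cifs/files.example.test@EXAMPLE.TEST
\tEtype (skey, tkt): aes256-cts-hmac-sha1-96, DEPRECATED:arcfour-hmac
01/10/2023 09:02:40  01/10/2023 19:00:00  HTTP/web.example.test@EXAMPLE.TEST
\tEtype (skey, tkt): arcfour-hmac, arcfour-hmac
"""

STAMP = r"\d{2}/\d{2}/\d{2,4} \d{2}:\d{2}:\d{2}"
TICKET_RE = re.compile(rf"^{STAMP}\s+{STAMP}\s+(\S+)$")
ETYPE_RE = re.compile(r"Etype \(skey, tkt\):\s*(\S+),\s*(\S+)")


def normalize(name):
    """Lower-case an etype name and drop a 'DEPRECATED:' prefix if present."""
    return name.lower().split(":")[-1]


def find_rc4_tickets(klist_output):
    """Return (service_principal, skey_etype, tkt_etype) for each ticket using RC4."""
    findings, principal = [], None
    for line in klist_output.splitlines():
        ticket = TICKET_RE.match(line.strip())
        if ticket:
            principal = ticket.group(1)
            continue
        etypes = ETYPE_RE.search(line)
        if etypes and principal:
            skey, tkt = normalize(etypes.group(1)), normalize(etypes.group(2))
            if skey in RC4_NAMES or tkt in RC4_NAMES:
                findings.append((principal, skey, tkt))
            principal = None  # each ticket has exactly one Etype line
    return findings


if __name__ == "__main__":
    for principal, skey, tkt in find_rc4_tickets(SAMPLE):
        print(f"RC4 in use: {principal} (session key: {skey}, ticket: {tkt})")
```

A finding whose ticket etype is RC4 for a service that supports aes256-cts-hmac-sha1-96 matches the behaviour described above and indicates the issuing DC should be checked against the fixed versions.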
Affected Version(s)
Samba: Fixed in samba 4.15.13, samba 4.16.8