8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.038 Low
EPSS
Percentile
91.7%
The Samba Team reports:
CVE-2022-2031
The KDC and the kpasswd service share a single account
and set of keys, allowing them to decrypt each other's
tickets. A user who has been requested to change their
password can exploit this to obtain and use tickets to
other services.
CVE-2022-32744
The KDC accepts kpasswd requests encrypted with any key
known to it. By encrypting forged kpasswd requests with
its own key, a user can change the passwords of other
users, enabling full domain takeover.
CVE-2022-32745
Samba AD users can cause the server to access
uninitialised data with an LDAP add or modify request,
usually resulting in a segmentation fault.
CVE-2022-32746
The AD DC database audit logging module can be made to
access LDAP message values that have been freed by a
preceding database module, resulting in a
use-after-free. This is only possible when modifying
certain privileged attributes, such as
userAccountControl.
CVE-2022-32742
SMB1 Client with write access to a share can cause
server memory contents to be written into a file or
printer.
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.038 Low
EPSS
Percentile
91.7%