Lucene search
Ubuntu.comUB:CVE-2022-37966HistoryNov 09, 2022 - 12:00 a.m.
CVE-2022-37966
2022-11-0900:00:00
ubuntu.com
ubuntu.com
90
cve-2022-37966
windows
kerberos
elevation of privilege
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.017
Percentile
88.2%
Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
Bugs
Notes
| Author | Note |
|---|---|
| mdeslaur | commits come after CVE-2022-38023 and CVE-2022-45141 The focal samba update was temporarily reverted by USN 5822-2 because it introduced regressions. It was later updated again with USN 5936-1. |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 18.04 | noarch | samba | <Â any | UNKNOWN |
| ubuntu | 20.04 | noarch | samba | <Â 2:4.15.13+dfsg-0ubuntu0.20.04.1 | UNKNOWN |
| ubuntu | 22.04 | noarch | samba | <Â 2:4.15.13+dfsg-0ubuntu1 | UNKNOWN |
| ubuntu | 22.10 | noarch | samba | <Â 2:4.16.8+dfsg-0ubuntu1 | UNKNOWN |
| ubuntu | 23.04 | noarch | samba | <Â 2:4.17.5+dfsg-2ubuntu1 | UNKNOWN |
| ubuntu | 23.10 | noarch | samba | <Â 2:4.17.5+dfsg-2ubuntu1 | UNKNOWN |
| ubuntu | 24.04 | noarch | samba | <Â 2:4.17.5+dfsg-2ubuntu1 | UNKNOWN |
| ubuntu | 14.04 | noarch | samba | <Â any | UNKNOWN |
| ubuntu | 16.04 | noarch | samba | <Â any | UNKNOWN |
References
launchpad.net/bugs/cve/CVE-2022-37966
nvd.nist.gov/vuln/detail/CVE-2022-37966
security-tracker.debian.org/tracker/CVE-2022-37966
ubuntu.com/security/notices/USN-5822-1
ubuntu.com/security/notices/USN-5822-2
ubuntu.com/security/notices/USN-5936-1
www.cve.org/CVERecord?id=CVE-2022-37966
www.samba.org/samba/security/CVE-2022-37966.html
Related
slackware
slackware
[slackware-security] samba
2022-12-17 21:30:27
openvas
openvas
Slackware: Security Advisory (SSA:2022-351-01)
2022-12-19 00:00:00
Ubuntu: Security Advisory (USN-5936-1)
2023-03-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:0014-1)
2023-01-03 00:00:00
nessus
nessus
Samba < 4.15.13 / 4.16.x < 4.16.8 / 4.17.x < 4.17.4 Multiple Vulnerabilities
2023-01-04 00:00:00
Ubuntu 20.04 LTS : Samba vulnerabilities (USN-5936-1)
2023-03-09 00:00:00
cisa
cisa
Samba Releases Security Updates
2022-12-16 00:00:00
thn
thn
ubuntu
ubuntu
Samba vulnerabilities
2023-03-08 00:00:00
Samba vulnerabilities
2023-01-24 00:00:00
Samba regression
2023-01-26 00:00:00
osv
osv
samba vulnerabilities
2023-03-08 13:02:34
samba regression
2023-01-26 21:36:01
samba vulnerabilities
2023-01-24 12:58:42
altlinux
altlinux
Security fix for the ALT Linux 10 package samba version 4.16.8-alt1
2022-12-15 00:00:00
Security fix for the ALT Linux 10 package samba version 4.16.9-alt1
2023-03-02 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: samba-4.16.8-0.fc36
2022-12-21 01:19:35
[SECURITY] Fedora 37 Update: samba-4.17.4-0.fc37
2022-12-19 01:18:39
mageia
mageia
Updated samba packages fix security vulnerability
2023-01-24 10:58:24
nvd
nvd
samba
samba
Samba AD DC using Heimdal can be forced to
2022-12-15 00:00:00
rc4-hmac Kerberos session keys issued
2022-12-15 00:00:00
RC4/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided
2022-12-15 00:00:00
veracode
veracode
Privilege Escalation
2022-12-17 19:03:44
Privilege Escalation
2022-12-22 10:44:34
Privilege Escalation
2023-01-06 11:13:34
alpinelinux
alpinelinux
cvelist
cvelist
CVE-2022-45141
2023-03-06 00:00:00
CVE-2022-38023 Netlogon RPC Elevation of Privilege Vulnerability
2022-11-09 00:00:00
redhatcve
redhatcve
debiancve
debiancve
ubuntucve
ubuntucve
CVE-2022-45141
2022-12-16 00:00:00
CVE-2022-38023
2022-11-09 00:00:00
prion
prion
Privilege escalation
2023-03-06 23:15:00
Privilege escalation
2022-11-09 22:15:00
Privilege escalation
2022-11-09 22:15:00
cve
cve
mscve
mscve
Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
2022-11-08 08:00:00
Netlogon RPC Elevation of Privilege Vulnerability
2022-11-08 08:00:00
redhat
redhat
(RHSA-2023:2136) Important: samba security update
2023-05-04 18:15:19
(RHSA-2023:0637) Important: samba security update
2023-02-07 21:15:49
(RHSA-2023:0638) Important: samba security update
2023-02-07 22:08:23
almalinux
almalinux
Important: samba security update
2023-02-21 00:00:00
Important: samba security update
2023-05-04 00:00:00
centos
centos
ctdb, libsmbclient, libwbclient, samba security update
2023-03-08 16:28:01
amazon
amazon
Important: samba
2023-05-11 17:49:00
Important: samba
2023-05-11 18:00:00
rocky
rocky
samba security update
2023-05-05 15:41:05
samba security update
2023-02-22 01:08:44
oraclelinux
oraclelinux
samba security update
2023-05-04 00:00:00
samba security update
2023-02-22 00:00:00
samba security update
2023-03-08 00:00:00
avleonov
avleonov
mskb
mskb
November 8, 2022âKB5020005 (Security-only update)
2022-11-08 08:00:00
November 8, 2022âKB5020019 (Monthly Rollup)
2022-11-08 08:00:00
November 8, 2022âKB5020013 (Security-only update)
2022-11-08 08:00:00
gentoo
gentoo
Samba: Multiple Vulnerabilities
2023-09-17 00:00:00
qualysblog
qualysblog
ibm
ibm
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs
2023-05-31 17:23:24
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs
2023-05-31 17:22:48
talosblog
talosblog
kaspersky
kaspersky
KLA20045 Multiple vulnerabilities in Microsoft Products (ESU)
2022-11-08 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2451
2024-07-15 09:04:20
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.017
Percentile
88.2%
Related for UB:CVE-2022-37966