CVE-2022-33679

Меры по смягчению последствий

The following mitigating factors might be helpful in your situation:

Customers running Windows Server 2012 and above, and who use Kerberos Armoring, otherwise known as Flexible Authentication Secure Tunneling (FAST), are protected from this vulnerability.

For more information, see the following article:

• Dynamic Access Control: Scenario Overview

FAQ

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

The attacker must inject themselves into the logical network path between the target and the resource requested by the victim to read or modify network communications. This is called a machine-in-the-middle (MITM) attack.

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

How could an attacker exploit this vulnerability?

An unauthenticated attacker could perform a man-in-the-middle network exploit to downgrade a client's encryption to the RC4-md4 cypher, followed by cracking the user's cypher key. The attacker could then compromise the user's Kerberos session key to elevate privileges.

Are default configurations of Kerberos impacted by this vulnerability?

No. For this vulnerability to be exploitable, the victim user must have the Do not require Kerberos preauthentication option enabled and must have a configured RC4 key. This option is not enabled by default.