CVE-2023-32022

Меры по смягчению последствий

The following mitigating factors might be helpful in your situation:

• Only AD-detached clusters are affected by this vulnerability. https://learn.microsoft.com/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/dn265970(v=ws.11)
• Version: AD-detached cluster is available with Windows Server 2012 R2 and above.

FAQ

How could an attacker exploit this vulnerability?

To exploit this vulnerability, an attacker could execute a specially crafted malicious script which executes an RPC call to a Windows SMB Server Service.

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could execute RPC procedures that are restricted to privileged accounts, bypassing the access check for the RPC procedures.

According to the CVSS metrics, successful exploitation of this vulnerability could lead to minor loss of confidentiality (C:L), integrity (I:L), and have a high impact on availability (A:H). What does that mean for this vulnerability?

Abuse of the affected RPC procedures can lead directly to a loss of the availability (A:H) of this service. At the same time we cannot rule out the potential impact that successful exploitation could have on Confidentiality and Integrity,

According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

The attacker must be authenticated to be able to exploit this vulnerability.