exploitDog
CVE-2022-38023

Published: 16 Dec 2022
Source: redhat
CVSS3: 8.1
EPSS: Low

Description

Netlogon RPC Elevation of Privilege Vulnerability

A flaw was found in Samba. The Netlogon RPC implementations may use the rc4-hmac encryption algorithm, which is considered weak and should be avoided even when the client supports more modern encryption types. An attacker who knows the plaintext content communicated between the Samba client and server could craft data with the same MD5 checksum and substitute it without being detected.

Mitigation

Users can disable MD5-based NetLogon by adding the following line to their smb.conf:

reject md5 clients = yes

If SMB still needs to authenticate to MD5-based NetLogon servers, MD5 can be explicitly re-enabled on a per-server basis:

server reject md5 schannel:<SERVERNAME>$ = no
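As an added defender-side check (example code, not part of the Red Hat advisory or of Samba itself): a small Python audit that reads the [global] section of an smb.conf, reports whether `reject md5 clients` is set explicitly, and lists every server for which the per-server override keeps the weak RC4/HMAC-MD5 channel enabled. The sample configuration and the server name LEGACYDC$ are constructed for the example.

```python
import re
# Constructed sample smb.conf: the global mitigation is on and one legacy
# domain controller (hypothetical name LEGACYDC$) is exempted per server.
SAMPLE_SMB_CONF = """\
[global]
    workgroup = EXAMPLE
    # Reject RC4/HMAC-MD5 NetLogon secure channels (CVE-2022-38023)
    reject md5 clients = yes
    ; Legacy DC that still needs MD5-based NetLogon
    server reject md5 schannel:LEGACYDC$ = no
"""

def parse_bool(value):
    """Samba accepts yes/no, true/false and 1/0, case-insensitively."""
    v = value.strip().lower()
    if v not in ("yes", "true", "1", "no", "false", "0"):
        raise ValueError(f"not a boolean smb.conf value: {value!r}")
    return v in ("yes", "true", "1")

def normalize_option(name):
    """Lowercase/collapse whitespace like Samba; keep the :<SERVER>$ suffix as-is."""
    base, sep, server = name.partition(":")
    return re.sub(r"\s+", " ", base.strip().lower()) + sep + server.strip()

def parse_smb_conf(text):
    """Minimal smb.conf reader: {section: {option: value}}; '#' and ';' start comments."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip().lower()
            sections.setdefault(current, {})
        elif current is not None and "=" in line:
            name, value = line.split("=", 1)
            sections[current][normalize_option(name)] = value.strip()
    return sections

def audit_netlogon_md5(text):
    """reject_md5_clients: True/False, or None when not set explicitly.
    md5_exempt_servers: servers whose override keeps the weak MD5 channel; review them."""
    glob = parse_smb_conf(text).get("global", {})
    setting = glob.get("reject md5 clients")
    prefix = "server reject md5 schannel:"
    exempt = sorted(n[len(prefix):] for n, v in glob.items()
                    if n.startswith(prefix) and parse_bool(v) is False)
    return {"reject_md5_clients": None if setting is None else parse_bool(setting),
            "md5_exempt_servers": exempt}
```

A result of None for reject_md5_clients means the option is absent, so the effective value is whatever the installed Samba version defaults to; an explicit setting is easier to verify.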

Affected packages

Platform | Package | Status | Advisory | Release date
Red Hat Enterprise Linux 6 | samba | Out of support scope | - | -
Red Hat Storage 3 | samba | Not affected | - | -
Red Hat Enterprise Linux 7 | samba | Fixed | RHSA-2023:1090 | 07.03.2023
Red Hat Enterprise Linux 8 | samba | Fixed | RHSA-2023:0838 | 21.02.2023
Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions | samba | Fixed | RHSA-2023:0639 | 07.02.2023
Red Hat Enterprise Linux 8.2 Advanced Update Support | samba | Fixed | RHSA-2023:0638 | 07.02.2023
Red Hat Enterprise Linux 8.2 Telecommunications Update Service | samba | Fixed | RHSA-2023:0638 | 07.02.2023
Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions | samba | Fixed | RHSA-2023:0638 | 07.02.2023
Red Hat Enterprise Linux 8.4 Extended Update Support | samba | Fixed | RHSA-2023:0637 | 07.02.2023


Additional information

Status: Important
Weakness: CWE-328
Bug report: https://bugzilla.redhat.com/show_bug.cgi?id=2154362 (samba: RC4/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided)

EPSS: 0.00419 (percentile 61%, Low)
CVSS3: 8.1 High

Related vulnerabilities

ubuntu (CVSS3: 8.1, more than 2 years ago): Netlogon RPC Elevation of Privilege Vulnerability
nvd (CVSS3: 8.1, more than 2 years ago): Netlogon RPC Elevation of Privilege Vulnerability
msrc (CVSS3: 8.1, about 2 years ago): Netlogon RPC Elevation of Privilege Vulnerability
debian (CVSS3: 8.1, more than 2 years ago): Netlogon RPC Elevation of Privilege Vulnerability
rocky (about 2 years ago): Important: samba security update
