CVE-2022-38023
Netlogon RPC Elevation of Privilege Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
14Public Exploits
0Exploited in Wild
-Decision
Descriptions
Netlogon RPC Elevation of Privilege Vulnerability
Vulnerabilidad de elevaciĆ³n de privilegios de Netlogon RPC
A flaw was found in samba. The Netlogon RPC implementations may use the rc4-hmac encryption algorithm, which is considered weak and should be avoided even if the client supports more modern encryption types. This issue could allow an attacker who knows the plain text content communicated between the samba client and server to craft data with the same MD5 calculation and replace it without being detected.
USN-5822-1 fixed vulnerabilities in Samba. The update for Ubuntu 20.04 LTS introduced regressions in certain environments. Pending investigation of these regressions, this update temporarily reverts the security fixes. It was discovered that Samba incorrectly handled the bad password count logic. It was discovered that Samba supported weak RC4/HMAC-MD5 in NetLogon Secure Channel. Greg Hudson discovered that Samba incorrectly handled PAC parsing. Joseph Sutton discovered that Samba could be forced to issue rc4-hmac encrypted Kerberos tickets.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-08-08 CVE Reserved
- 2022-11-09 CVE Published
- 2025-01-02 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-328: Use of Weak Hash