PT-2022-1496 · Samba · Samba Ad Dc

Kees Van Vloten · Published 2022-01-31 · Updated 2024-06-15 · CVE-2022-0336

CVSS v3.1: 8.8 High

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Samba AD DC (affected versions not specified)

Description

The issue is related to checks when adding service principal names (SPNs) to an account, which can be bypassed under certain conditions. This can allow an attacker who has the ability to write to an account to perform a denial-of-service attack by adding an SPN that matches an existing service. Additionally, an attacker who can intercept traffic can impersonate existing services, resulting in a loss of confidentiality and integrity.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Insufficient Verification of Data Authenticity

Incorrect Default Permissions

Weakness Enumeration

Related Identifiers

ALT-PU-2022-1442
ALT-PU-2022-1478
ALT-PU-2023-1616
AZL-10741
AZL-37009
BDU:2022-00684
CVE-2022-0336
DSA-5071-1
ECHO-59DF-2E7F-BE70
MGASA-2022-0054
OESA-2022-1529
OPENSUSE-SU-2022:0283-1
OPENSUSE-SU-2022_0283-1
OPENSUSE-SU-2024:11807-1
SUSE-SU-2022:0283-1
SUSE-SU-2022:0323-1
USN-5260-1

Affected Products

Alt Linux
Astra Linux
Linuxmint
Red Os
Samba
Samba Ad Dc
Suse
Ubuntu