PT-2022-7207 · Samba+3 · Samba+3

Andrew Bartlett

Published

2022-09-01

Updated

2025-08-22

CVE-2022-32743

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:C/A:N

Name of the Vulnerable Software and Affected Versions Samba (affected versions not specified)

Description The issue is related to the default permission settings in Samba, a network communication package. It may allow a remote attacker to compromise data integrity. Specifically, Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute, which could permit unprivileged users to write it.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-276

Related Identifiers

AZL-10865

BDU:2023-09090

CVE-2022-32743

ECHO-FC0C-9842-9114

OESA-2022-1878

OPENSUSE-SU-2022_3244-1

OPENSUSE-SU-2022_3955-1

SUSE-SU-2022:3244-1

SUSE-SU-2022:3955-1

Affected Products

Astra Linux

Debian

Samba

Suse

PT-2022-7207 · Samba+3 · Samba+3

CVE-2022-32743

Weakness Enumeration

Related Identifiers

Affected Products

References · 32