CVE-2022-0336 — Incorrect Default Permissions in Samba
Severity
8.8HIGHNVD
OSV2.5
EPSS
0.4%
top 40.41%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedAug 29
Description
The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as one added when a computer is joined to a domain. An attacker who has the ability to write to an account can exploit this to perform a denial-of-service attack by adding an SPN that matches an existing …
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9
Affected Packages8 packages
Also affects: Fedora 34, 35
Patches
🔴Vulnerability Details
3OSV▶
CVE-2022-0336: The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the d↗2022-08-29
GHSA▶
GHSA-rg44-hwh5-vcpq: The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the d↗2022-08-29
📋Vendor Advisories
4Microsoft▶
The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypas↗2022-08-09
Red Hat▶
samba: Samba AD users with permission to write to an account can impersonate arbitrary services↗2022-01-31
Debian▶
CVE-2022-0336: samba - The Samba AD DC includes checks when adding service principals names (SPNs) to a...↗2022