SAMBA Patches High-Severity Vulnerability

April 2, 2023

SAMBA Patches High-Severity Vulnerability

Samba has released software updates to address a variety of vulnerabilities, one of the vulnerabilities which is classified as high-severity can allow attackers to gain access to information from a Samba AD DC.

The High-Severity Vulnerabilities

  • CVE-2022-38023 (CVSS score: 7.7) – Confidential attribute disclosure vulnerability, Successful exploitation might allow an attacker to obtain confidential BitLocker recovery keys from a Samba AD DC.

Affected Versions

  • All versions of Samba since 4.0 prior to 4.16.10, 4.17.7, 4.18.1.

Mitigation

CYREBRO recommends updating Samba to the latest versions available Р4.16.10, 4.17.7, 4.18.1, to mitigate the vulnerabilities as soon as possible.

References: Samba Security Advisory

Sign Up for Updates