April 2, 2023
SAMBA Patches High-Severity Vulnerability
Samba has released software updates to address a variety of vulnerabilities, one of the vulnerabilities which is classified as high-severity can allow attackers to gain access to information from a Samba AD DC.
The High-Severity Vulnerabilities
- CVE-2022-38023 (CVSS score: 7.7) – Confidential attribute disclosure vulnerability, Successful exploitation might allow an attacker to obtain confidential BitLocker recovery keys from a Samba AD DC.
- All versions of Samba since 4.0 prior to 4.16.10, 4.17.7, 4.18.1.
CYREBRO recommends updating Samba to the latest versions available – 4.16.10, 4.17.7, 4.18.1, to mitigate the vulnerabilities as soon as possible.
References: Samba Security Advisory