CVE-2022-32744 in Sambainformación

Resumen

por MITRE • 2022-08-25

A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By encrypting forged kpasswd requests with its own key, a user can change other users' passwords, enabling full domain takeover.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservar

2022-06-09

Divulgación

2022-08-25

Moderación

aceptado

Artículo

VDB-205297

CPE

listo

EPSS

0.00956

KEV

no

Actividades

muy bajo

Fuentes

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!