QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2022-32746

Back to search

CVE-2022-32746

Published: Aug 25, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl.

VendorProductVersions

n/a

samba

affected
Versions prior to samba 4.16.4, samba 4.15.9, samba 4.14.14

Weaknesses (CWE)

CWE-416

References

GLSA-202309-06
vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now