QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2022-45141

Back to search

CVE-2022-45141

Published: Mar 6, 2023

Modified: Mar 6, 2025

PUBLISHED

Description

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96).

VendorProductVersions

n/a

Samba

affected
Fixed in samba 4.15.13, samba 4.16.8, samba 4.15.13

Weaknesses (CWE)

CWE-328

References

GLSA-202309-06
vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now