CVE-2022-2031 log
Source |
|
Severity | Medium |
Remote | Yes |
Type | Access restriction bypass |
Description | Samba AD users can bypass certain restrictions associated with changing passwords. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-2782 | samba | 4.16.3-1 | 4.16.4-1 | High | Fixed |
References |
---|
https://www.samba.org/samba/security/CVE-2022-2031.html |
Notes |
---|
kpasswd is not a critical protocol for the AD DC in most installations, it can be disabled by setting "kpasswd port = 0" in the smb.conf. |