Vulnerability CVE-2022-38023: Information

Description

Netlogon RPC Elevation of Privilege Vulnerability

Severity: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2022-38023

Published: Nov. 10, 2022

Modified: Sept. 17, 2023

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
samba	sisyphus	4.16.8-alt1	4.20.1-alt2	ALT-PU-2022-3352-1	311836	Fixed
samba	sisyphus_e2k	4.16.8-alt1	4.20.1-alt1	ALT-PU-2022-7452-1	-	Fixed
samba	sisyphus_riscv64	4.16.8-alt1	4.20.1-alt2	ALT-PU-2022-7460-1	-	Fixed
samba	p10	4.16.9-alt1	4.19.6-alt2	ALT-PU-2023-1371-1	315490	Fixed
samba	p10_e2k	4.16.9-alt1	4.19.6-alt2	ALT-PU-2023-2756-1	-	Fixed
samba	c10f1	4.16.9-alt1	4.16.11-alt2	ALT-PU-2023-1371-1	315490	Fixed
samba	c9f2	4.16.11-alt0.c9.1	4.14.14-alt0.c9.1	ALT-PU-2024-8329-1	334763	In work
samba	p11	4.16.8-alt1	4.20.1-alt1	ALT-PU-2022-3352-1	311836	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38023	Patch Vendor Advisory
https://security.gentoo.org/glsa/202309-06

Affected configurations:
1. Configuration 1
  cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
  cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
  cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
  cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
  cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
  cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*
  cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*
  
  Configuration 2
  cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
  cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
  
  Configuration 3
  cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*
  cpe:2.3:a:netapp:management_services_for_netapp_hci:-:*:*:*:*:*:*:*
  
  Configuration 4
  cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
  Start including
  4.16.0
  End excliding
  4.16.8
  cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
  Start including
  4.17.0
  End excliding
  4.17.4
  cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
  Start excluding
  4.15.13

VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla

Version: v24.5.3