Security Advisory

CVE-2022-32744

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-08-25 00:00:00

Last updated 2024-08-03 07:46:44

Assigner redhat

State PUBLISHED

Description

A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By encrypting forged kpasswd requests with its own key, a user can change other users passwords, enabling full domain takeover.

← Browse all CVEs View on cve.org ↗