Synology-SA-22:24 Samba AD DC

Publish Time: 2022-12-19 17:45:31 UTC+8

Last Updated: 2023-05-22 15:34:54 UTC+8

Severity: Important
Status: Resolved

Abstract

Multiple vulnerabilities allow remote attackers or remote authenticated users to bypass security constraints via a susceptible version of Synology Directory Server.

Affected Products

Product                                 Severity    Fixed Release Availability
Synology Directory Server for DSM 7.2   Important   Upgrade to 4.15.13-0615 or above.
Synology Directory Server for DSM 7.1   Important   Will not fix
Synology Directory Server for DSM 7.0   Important   Will not fix
Synology Directory Server for DSM 6.2   Important   Will not fix

Mitigation

None

Detail

  • CVE-2022-37966

  • CVE-2022-37967

  • CVE-2022-38023

  • CVE-2022-45141

    • Severity: Important
    • CVSS3 Base Score: 8.1
    • CVSS3 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
    • Following Microsoft's disclosure of the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability on Nov 8, 2022, and given that RFC 8429 treats rc4-hmac as weak, the issue is that vulnerable Samba Active Directory DCs will issue rc4-hmac-encrypted tickets even though the target server supports stronger encryption (e.g. aes256-cts-hmac-sha1-96).
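
The behaviour described above can be checked from a client's ticket cache. The following is an added example, not part of this advisory or of Samba, that parses MIT Kerberos `klist -e` output (constructed sample data with a made-up realm and hosts) and reports the service tickets the KDC encrypted with RC4-HMAC rather than AES.

```python
import re
from typing import Dict, List

# Constructed sample of MIT Kerberos `klist -e` output (made-up realm and hosts, not captured
# from a real system): one TGT and two service tickets, one of them encrypted with RC4-HMAC.
SAMPLE_KLIST = """Ticket cache: FILE:/tmp/krb5cc_1000
Default principal: alice@EXAMPLE.LAN

Valid starting       Expires              Service principal
12/19/22 09:00:00  12/19/22 19:00:00  krbtgt/EXAMPLE.LAN@EXAMPLE.LAN
\tEtype (skey, tkt): aes256-cts-hmac-sha1-96, aes256-cts-hmac-sha1-96
12/19/22 09:00:05  12/19/22 19:00:00  cifs/fileserver.example.lan@EXAMPLE.LAN
\tEtype (skey, tkt): arcfour-hmac, arcfour-hmac
12/19/22 09:00:07  12/19/22 19:00:00  ldap/dc1.example.lan@EXAMPLE.LAN
\tEtype (skey, tkt): aes256-cts-hmac-sha1-96, aes128-cts-hmac-sha1-96
"""

# Names under which MIT and Heimdal report the RC4-HMAC enctype deprecated by RFC 8429.
RC4_ETYPES = {"arcfour-hmac", "arcfour-hmac-md5", "rc4-hmac"}
ETYPE_RE = re.compile(r"Etype \(skey, tkt\):\s*([\w-]+),\s*([\w-]+)")


def parse_klist(text: str) -> List[Dict[str, str]]:
    """Return one record per cached ticket: service principal, session-key etype, ticket etype."""
    tickets: List[Dict[str, str]] = []
    current = None
    for line in text.splitlines():
        m = ETYPE_RE.search(line)
        if m and current is not None:
            current["skey"], current["tkt"] = m.group(1), m.group(2)
            tickets.append(current)
            current = None
            continue
        parts = line.split()
        # A ticket line is: start date, start time, expiry date, expiry time, principal.
        if len(parts) == 5 and "@" in parts[4]:
            current = {"principal": parts[4]}
    return tickets


def rc4_tickets(text: str) -> List[str]:
    """Principals whose ticket itself (the 'tkt' etype) was encrypted with RC4-HMAC by the KDC."""
    return [t["principal"] for t in parse_klist(text) if t["tkt"].lower() in RC4_ETYPES]


if __name__ == "__main__":
    for principal in rc4_tickets(SAMPLE_KLIST):
        print(f"RC4-HMAC ticket issued for {principal}: check KDC patch level and enctype settings")
```

An RC4 ticket for a service whose host supports AES is the symptom of an unpatched KDC; after updating to the fixed release, the same check should report no RC4 tickets for such services.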

Reference

Revision

Revision   Date         Description
1          2022-12-19   Initial public release.
2          2023-03-07   Disclosed vulnerability details.
3          2023-05-22   Update for Synology Directory Server is now available in Affected Products.