Vulnerabilities > CVE-2022-32745 - Use of Uninitialized Resource vulnerability in Samba

CVSS 8.1 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

samba

CWE-908

NVD

Published: 2022-08-25

Updated: 2023-11-07

Summary

A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP add or modify the request, usually resulting in a segmentation fault.

Vulnerable Configurations

Part	Description	Count
Application	Samba Samba Samba 4.16.0 Samba Samba 4.16.1 Samba Samba 4.16.2 Samba Samba 4.16.3 Samba Samba 4.13.14 Samba Samba 4.13.15 Samba Samba 4.13.16 Samba Samba 4.13.17 Samba Samba 4.14.0 Samba Samba 4.14.1 Samba Samba 4.14.2 Samba Samba 4.14.3 Samba Samba 4.14.4 Samba Samba 4.14.5 Samba Samba 4.14.6 Samba Samba 4.14.7 Samba Samba 4.14.8 Samba Samba 4.14.9 Samba Samba 4.14.10 Samba Samba 4.14.11 Samba Samba 4.14.12 Samba Samba 4.15.2 Samba Samba 4.15.3 Samba Samba 4.15.4 Samba Samba 4.15.5	32

Common Weakness Enumeration (CWE)

CWE-908 - Use of Uninitialized Resource

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References