{
  "threat_severity" : "Important",
  "public_date" : "2022-12-16T00:00:00Z",
  "bugzilla" : {
    "description" : "samba: RC4/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided",
    "id" : "2154362",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2154362"
  },
  "cvss3" : {
    "cvss3_base_score" : "8.1",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-328",
  "details" : [ "Netlogon RPC Elevation of Privilege Vulnerability", "A flaw was found in samba. The Netlogon RPC implementations may use the rc4-hmac encryption algorithm, which is considered weak and should be avoided even if the client supports more modern encryption types. This issue could allow an attacker who knows the plain text content communicated between the samba client and server to craft data with the same MD5 calculation and replace it without being detected." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2023-03-07T00:00:00Z",
    "advisory" : "RHSA-2023:1090",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "samba-0:4.10.16-24.el7_9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2023-02-21T00:00:00Z",
    "advisory" : "RHSA-2023:0838",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "samba-0:4.16.4-4.el8_7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2023-02-21T00:00:00Z",
    "advisory" : "RHSA-2023:0838",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "samba-0:4.16.4-4.el8_7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions",
    "release_date" : "2023-02-07T00:00:00Z",
    "advisory" : "RHSA-2023:0639",
    "cpe" : "cpe:/a:redhat:rhel_e4s:8.1",
    "package" : "samba-0:4.10.4-107.el8_1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.2 Advanced Update Support",
    "release_date" : "2023-02-07T00:00:00Z",
    "advisory" : "RHSA-2023:0638",
    "cpe" : "cpe:/o:redhat:rhel_aus:8.2",
    "package" : "samba-0:4.11.2-22.el8_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
    "release_date" : "2023-02-07T00:00:00Z",
    "advisory" : "RHSA-2023:0638",
    "cpe" : "cpe:/o:redhat:rhel_tus:8.2",
    "package" : "samba-0:4.11.2-22.el8_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
    "release_date" : "2023-02-07T00:00:00Z",
    "advisory" : "RHSA-2023:0638",
    "cpe" : "cpe:/o:redhat:rhel_e4s:8.2",
    "package" : "samba-0:4.11.2-22.el8_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.4 Extended Update Support",
    "release_date" : "2023-02-07T00:00:00Z",
    "advisory" : "RHSA-2023:0637",
    "cpe" : "cpe:/o:redhat:rhel_eus:8.4",
    "package" : "samba-0:4.13.3-11.el8_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.6 Extended Update Support",
    "release_date" : "2023-05-04T00:00:00Z",
    "advisory" : "RHSA-2023:2136",
    "cpe" : "cpe:/a:redhat:rhel_eus:8.6",
    "package" : "samba-0:4.15.5-12.el8_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-05-04T00:00:00Z",
    "advisory" : "RHSA-2023:2127",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "samba-0:4.16.4-103.el9_1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-05-04T00:00:00Z",
    "advisory" : "RHSA-2023:2127",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "samba-0:4.16.4-103.el9_1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.0 Extended Update Support",
    "release_date" : "2023-05-04T00:00:00Z",
    "advisory" : "RHSA-2023:2137",
    "cpe" : "cpe:/a:redhat:rhel_eus:9.0",
    "package" : "samba-0:4.15.5-110.el9_0"
  }, {
    "product_name" : "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
    "release_date" : "2023-05-04T00:00:00Z",
    "advisory" : "RHSA-2023:2136",
    "cpe" : "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
    "package" : "samba-0:4.15.5-12.el8_6"
  }, {
    "product_name" : "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
    "release_date" : "2023-06-06T00:00:00Z",
    "advisory" : "RHSA-2023:3491",
    "cpe" : "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
    "package" : "redhat-virtualization-host-0:4.5.3-202306050942_8.6"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "samba",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Storage 3",
    "fix_state" : "Not affected",
    "package_name" : "samba",
    "cpe" : "cpe:/a:redhat:storage:3"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-38023\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-38023\nhttps://www.samba.org/samba/security/CVE-2022-38023.html" ],
  "name" : "CVE-2022-38023",
  "mitigation" : {
    "value" : "Users can disable MD5-based NetLogon by adding the following snippet to their smb.conf\n~~~\nreject md5 clients = yes \n~~~\nin case there's still need to allow SMB to authenticate to MD5-based NetLogon servers, it's possible to explicitly\nenable it per-server based:\n~~~\nserver reject md5 schannel:<SERVERNAME>$ = no\n~~~",
    "lang" : "en:us"
  },
  "csaw" : false
}