CVE-2023-0922

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-0922

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-0922.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-0922

Downstream

DEBIAN-CVE-2023-0922

OESA-2023-1231

OESA-2023-1232

OESA-2023-1233

OESA-2023-1248

SUSE-SU-2023:1682-1

SUSE-SU-2023:1683-1

SUSE-SU-2023:1684-1

SUSE-SU-2023:1687-1

SUSE-SU-2023:1689-1

UBUNTU-CVE-2023-0922

USN-5993-1

openSUSE-SU-2024:12831-1

Related

Published

2023-04-03T23:15:07Z

Modified

2025-11-19T17:34:56.859833Z

Severity

5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

The Samba AD DC administration tool, when operating against a remote LDAP server, will by default send new or reset passwords over a signed-only connection.

References

Affected packages

Git / github.com/samba-team/samba

Affected ranges

Type: GIT
Repo: https://github.com/samba-team/samba
Events: Introduced

df33344d8eb40221d60c99931690703a11d91bc2

Fixed

32d0bb892727ccdfc7bc81d93ab255898041c02b

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-0922.json"