CVE-2022-37966: Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
First published: Tue Nov 08 2022(Updated: )
Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
Credit: secure@microsoft.com secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows Server 2008 | =sp2 | |
| Microsoft Windows Server 2008 | =r2-sp1 | |
| Microsoft Windows Server 2012 | ||
| Microsoft Windows Server 2012 | =r2 | |
| Microsoft Windows Server 2016 | ||
| Microsoft Windows Server 2019 | ||
| Microsoft Windows Server 2022 | ||
| Fedoraproject Fedora | =36 | |
| Fedoraproject Fedora | =37 | |
| Netapp Management Services For Element Software | ||
| Netapp Management Services For Netapp Hci | ||
| Samba Samba | >4.15.13 | |
| Samba Samba | >=4.16.0<4.16.8 | |
| Samba Samba | >=4.17.0<4.17.4 | |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-37966?
CVE-2022-37966 is a Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability.
How severe is CVE-2022-37966?
CVE-2022-37966 has a severity value of 8.1, which is considered critical.
Which software is affected by CVE-2022-37966?
The software affected by CVE-2022-37966 includes Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016, 2019, and 2022, as well as Fedora, Netapp Management Services, and Samba.
How can I fix CVE-2022-37966 on Windows Server 2008?
To fix CVE-2022-37966 on Windows Server 2008, you can apply the security patches provided by Microsoft. Please refer to the Microsoft support page for more information.
Where can I find more information about CVE-2022-37966?
You can find more information about CVE-2022-37966 on the Microsoft Security Response Center website and the Gentoo Security Advisory.
- collector/nvd-index
- agent/references
- agent/author
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/title
- agent/severity
- agent/remedy
- agent/description
- collector/msrc-cve
- source/Microsoft
- agent/software-canonical-lookup
- agent/softwarecombine
- agent/event
- agent/tags
- agent/software-canonical-lookup-request
- collector/nvd-api
- vendor/microsoft
- canonical/microsoft windows server 2008
- version/microsoft windows server 2008/sp2
- version/microsoft windows server 2008/r2-sp1
- canonical/microsoft windows server 2012
- version/microsoft windows server 2012/r2
- canonical/microsoft windows server 2016
- canonical/microsoft windows server 2019
- canonical/microsoft windows server 2022
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/36
- version/fedoraproject fedora/37
- vendor/netapp
- canonical/netapp management services for element software
- canonical/netapp management services for netapp hci
- vendor/samba
- canonical/samba samba
- version/samba samba/4.16.0
- version/samba samba/4.17.0
- canonical/microsoft windows server 2012 r2
- canonical/microsoft windows server 2008 r2