Vulnerability Details : CVE-2022-44640
Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC).
Vulnerability category: Execute code
Products affected by CVE-2022-44640
- cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
- cpe:2.3:a:heimdal_project:heimdal:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-44640
- 2.22%: probability of exploitation activity in the next 30 days
- ~ 90 %: percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-44640
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST | |
References for CVE-2022-44640
- https://github.com/heimdal/heimdal/security/advisories/GHSA-88pm-hfmq-7vv4
  Invalid free in ASN.1 codec · Advisory · heimdal/heimdal · GitHub (Third Party Advisory)
- https://security.gentoo.org/glsa/202310-06
  Heimdal: Multiple Vulnerabilities (GLSA 202310-06) — Gentoo security
- https://security.netapp.com/advisory/ntap-20230216-0008/
  December 2022 Heimdal Vulnerabilities in NetApp Products | NetApp Product Security (Third Party Advisory)