Search for vulnerabilities
Vulnerability details: VCID-vdnn-s8fy-aaag
Vulnerability ID VCID-vdnn-s8fy-aaag
Aliases CVE-2022-32742
Summary A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file (or printer) instead of client-supplied data. The client cannot control the area of the server memory written to the file (or printer).
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
System Score Found at
cvssv3 4.3 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32742.json
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00161 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00448 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.02979 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.02979 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.03166 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.03166 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.04418 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.04418 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.04418 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.04418 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.04418 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.04418 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.04418 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.04418 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.04418 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=2108196
cvssv3.1 4.3 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3 4.3 https://nvd.nist.gov/vuln/detail/CVE-2022-32742
cvssv3.1 4.3 https://nvd.nist.gov/vuln/detail/CVE-2022-32742
archlinux High https://security.archlinux.org/AVG-2782
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32742.json
https://api.first.org/data/v1/epss?cve=CVE-2022-32742
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html
https://security.gentoo.org/glsa/202309-06
https://www.samba.org/samba/security/CVE-2022-32742.html
1016449 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449
2108196 https://bugzilla.redhat.com/show_bug.cgi?id=2108196
AVG-2782 https://security.archlinux.org/AVG-2782
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
CVE-2022-32742 https://nvd.nist.gov/vuln/detail/CVE-2022-32742
RHSA-2022:7056 https://access.redhat.com/errata/RHSA-2022:7056
RHSA-2022:7111 https://access.redhat.com/errata/RHSA-2022:7111
RHSA-2022:8317 https://access.redhat.com/errata/RHSA-2022:8317
USN-5542-1 https://usn.ubuntu.com/5542-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32742.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2022-32742
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2022-32742
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.33691
EPSS Score 0.00161
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.