CVE-2023-0614: 
Samba vulnerability analysis and mitigation

The vulnerability (CVE-2023-0614) affects all Samba releases since Samba 4.0. The issue stems from an insufficient fix in versions 4.6.16, 4.7.9, 4.8.4, and 4.9.7 for a previous vulnerability (CVE-2018-10919) related to confidential attribute disclosure via LDAP filters. This vulnerability could allow an attacker to obtain confidential BitLocker recovery keys from a Samba Active Directory Domain Controller (AD DC) (Samba Security).

The vulnerability involves the handling of access control for different classes of attributes in Active Directory, including secret attributes, confidential attributes, access-controlled attributes, and public attributes. The issue specifically affects the implementation of access control restrictions, which were only applied after matching objects against LDAP filters. This implementation allowed unauthorized access to confidential and access-controlled attributes through LDAP filter manipulation. The vulnerability has received a CVSS v3.1 score of 7.7 (High), with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N (Samba Security).

The primary impact of this vulnerability is the potential unauthorized disclosure of sensitive information. Attackers may be able to obtain confidential BitLocker recovery keys, TPM owner passwords, and certificate secret keys stored with Credential Roaming from a Samba AD DC. Organizations using such secrets in their Samba AD should assume they have been compromised and need replacement (Samba Security).

The primary mitigation is to upgrade to the patched versions of Samba. Additionally, organizations should take steps to ensure that potentially leaked data is no longer useful, including re-encrypting BitLocker encrypted drives, changing TPM passwords, and revoking and re-issuing certificates stored by Credential Roaming. As a workaround, organizations can avoid storing confidential information in Active Directory, except for passwords or keys required for AD operation (Samba Security).