CVE-2022-38023 is only for RPC_NETLOGON, not specifically for NTLM. CVE-2022-38023 does not impact local authenticated CIFS users How to diagnose and mitigate impact due to CVE-2022-38023 - Resolution...CVE-2022-38023 is only for RPC_NETLOGON, not specifically for NTLM. CVE-2022-38023 does not impact local authenticated CIFS users How to diagnose and mitigate impact due to CVE-2022-38023 - Resolution Guide - NetApp Knowledge Base To ensure that local accounts are being evaluated, the client has to pass credentials as "cifsservername\local-user". If the credentials are not passed as "cifsservername\local-user", ONTAP will attempt to use passthrough and refer those credentials to the local DC
