Does CVE-2022-38023 impact StorageGRID?
- Views:
- 151
- Visibility:
- Public
- Votes:
- 0
- Category:
- storagegrid-webscale
- Specialty:
- sgrid
- Last Updated:
- 5/2/2023, 10:49:08 AM
Applies to
StorageGRID
Answer
- The Microsoft fixes for this CVE covers Windows changes to Netlogon and Kerberos.
- NTAP-20230110-0003 covers only the Samba use of this CVE.
- StorageGRID utilizes Samba only for log file sharing.
- Its use of Samba was deprecated in StorageGRID version 11.4.
- Only Samba can be configured to use Netlogon in StorageGRID.
- LDAP integration in StorageGRID uses TLS.