Описание
The Multicast DNS (mDNS) responder used in BOSE Soundtouch 30 inadvertently responds to IPv4 unicast queries with source addresses that are not link-local, which allows remote attackers to cause a denial of service (traffic amplification) or obtain potentially sensitive information via port-5353 UDP packets.
Ссылки
- MitigationThird Party Advisory
- MitigationThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:h:bose:soundtouch_30:-:*:*:*:*:*:*:*
EPSS
Процентиль: 74%
0.00806
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-417
Связанные уязвимости
CVSS3: 9.1
github
больше 3 лет назад
The Multicast DNS (mDNS) responder used in BOSE Soundtouch 30 inadvertently responds to IPv4 unicast queries with source addresses that are not link-local, which allows remote attackers to cause a denial of service (traffic amplification) or obtain potentially sensitive information via port-5353 UDP packets.
EPSS
Процентиль: 74%
0.00806
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-417