CVE-2018-1000003

Опубликовано: 22 янв. 2018

Источник: nvd

CVSS3: 3.7

CVSS2: 4.3

EPSS Низкий

Описание

Improper input validation bugs in DNSSEC validators components in PowerDNS version 4.1.0 allow attacker in man-in-the-middle position to deny existence of some data in DNS via packet replay.

Ссылки

https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-01.html
Vendor Advisory
https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-01.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:powerdns:recursor:4.1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 3%

0.00017

Низкий

3.7 Low

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

CVE-2018-1000003

CVSS3: 3.7

ubuntu

около 8 лет назад

Improper input validation bugs in DNSSEC validators components in PowerDNS version 4.1.0 allow attacker in man-in-the-middle position to deny existence of some data in DNS via packet replay.

CVE-2018-1000003

CVSS3: 3.7

debian

около 8 лет назад

Improper input validation bugs in DNSSEC validators components in Powe ...

GHSA-vm3q-6vgq-8qhr

CVSS3: 3.7

github

больше 3 лет назад

Improper input validation bugs in DNSSEC validators components in PowerDNS version 4.1.0 allow attacker in man-in-the-middle position to deny existence of some data in DNS via packet replay.

EPSS

Процентиль: 3%

0.00017

Низкий

3.7 Low

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-20