Описание
The DNS client in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Insufficient entropy in the DNS transaction id. The impact is: DNS cache poisoning (remote). The component is: dns_query_type(). The attack vector is: a specific DNS response packet.
Ссылки
- MitigationThird Party Advisory
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
- MitigationThird Party Advisory
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:hcc-embedded:nichestack_tcp\/ip:4.0.1:*:*:*:*:*:*:*
EPSS
Процентиль: 52%
0.00289
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-331
Связанные уязвимости
github
больше 3 лет назад
The DNS client in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Insufficient entropy in the DNS transaction id. The impact is: DNS cache poisoning (remote). The component is: dns_query_type(). The attack vector is: a specific DNS response packet.
CVSS3: 4
fstec
больше 4 лет назад
Уязвимость DNS-клиента стеков TCP/IP NicheLite и InterNiche, позволяющая нарушителю проводить спуфинг-атаки
EPSS
Процентиль: 52%
0.00289
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-331