Описание
A flaw was found in coreDNS. This flaw allows a malicious user to reroute internal calls to some internal services that were accessed by the FQDN in a format of ..svc.
Ссылки
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:coredns.io:coredns:-:*:*:*:*:*:*:*
EPSS
Процентиль: 10%
0.00036
Низкий
4.4 Medium
CVSS3
Дефекты
CWE-923
NVD-CWE-Other
Связанные уязвимости
CVSS3: 4.4
redhat
больше 3 лет назад
A flaw was found in coreDNS. This flaw allows a malicious user to reroute internal calls to some internal services that were accessed by the FQDN in a format of <service>.<namespace>.svc.
CVSS3: 4.4
debian
почти 3 года назад
A flaw was found in coreDNS. This flaw allows a malicious user to rero ...
CVSS3: 4.4
github
почти 3 года назад
coreDNS vulnerable to Improper Restriction of Communication Channel to Intended Endpoints
EPSS
Процентиль: 10%
0.00036
Низкий
4.4 Medium
CVSS3
Дефекты
CWE-923
NVD-CWE-Other