Products
CoreDNS
- through 1.10.1
Source
cve@mitre.org
Tags
CVE-2023-28452 details
Published : Sept. 18, 2024, 3:15 p.m.
Last Modified : Sept. 18, 2024, 3:15 p.m.
Last Modified : Sept. 18, 2024, 3:15 p.m.
Description
An issue was discovered in CoreDNS through 1.10.1. There is a vulnerability in DNS resolving software, which triggers a resolver to ignore valid responses, thus causing denial of service for normal resolution. In an exploit, the attacker could just forge a response targeting the source port of a vulnerable resolver without the need to guess the correct TXID.
CVSS Score
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|
References
URL | Source |
---|---|
https://coredns.io/ | cve@mitre.org |
https://gist.github.com/idealeer/e41c7fb3b661d4262d0b6f21e12168ba | cve@mitre.org |
This website uses the NVD API, but is not approved or certified by it.