CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
Confidence
High
EPSS
Percentile
78.9%
The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods.
Vendor | Product | Version | CPE |
---|---|---|---|
infoblox | dns_one | * | cpe:2.3:a:infoblox:dns_one:*:*:*:*:*:*:*:* |
isc | bind | 4.9 | cpe:2.3:a:isc:bind:4.9:*:*:*:*:*:*:* |
isc | bind | 4.9.2 | cpe:2.3:a:isc:bind:4.9.2:*:*:*:*:*:*:* |
isc | bind | 4.9.3 | cpe:2.3:a:isc:bind:4.9.3:*:*:*:*:*:*:* |
isc | bind | 4.9.4 | cpe:2.3:a:isc:bind:4.9.4:*:*:*:*:*:*:* |
isc | bind | 4.9.5 | cpe:2.3:a:isc:bind:4.9.5:*:*:*:*:*:*:* |
isc | bind | 4.9.5 | cpe:2.3:a:isc:bind:4.9.5:p1:*:*:*:*:*:* |
isc | bind | 4.9.6 | cpe:2.3:a:isc:bind:4.9.6:*:*:*:*:*:*:* |
isc | bind | 4.9.7 | cpe:2.3:a:isc:bind:4.9.7:*:*:*:*:*:*:* |
isc | bind | 4.9.8 | cpe:2.3:a:isc:bind:4.9.8:*:*:*:*:*:*:* |