Lucene search
RedhatCVE-2022-2835HistoryMar 03, 2023 - 4:15 p.m.
CVE-2022-2835
2023-03-0316:15:09
CWE-923
redhat
web.nvd.nist.gov
33
nvd
cve-2022-2835
coredns
security
flaw
internal services
CVSS3
4.4
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
AI Score
4.4
Confidence
High
EPSS
0
Percentile
9.0%
A flaw was found in coreDNS. This flaw allows a malicious user to reroute internal calls to some internal services that were accessed by the FQDN in a format of <service>.<namespace>.svc.
Affected configurations
Node
coredns.iocorednsMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| coredns.io | coredns | - | cpe:/a:coredns.io:coredns:-::: |
CNA Affected
[
{
"vendor": "n/a",
"product": "coreDNS",
"versions": [
{
"version": "unknown",
"status": "affected"
}
]
}
]Related
osv
osv
CGA-35r2-m46w-fxjw
2024-06-06 12:21:27
CGA-rgr8-gg9j-r4mv
2024-06-06 12:26:22
github
github
nvd
nvd
CVE-2022-2835
2023-03-03 16:15:09
cgr
cgr
CVE-2022-2835 vulnerabilities
2024-05-19 03:07:16
prion
prion
Format string
2023-03-03 16:15:00
redhatcve
redhatcve
CVE-2022-2835
2022-08-16 09:08:21
cvelist
cvelist
CVE-2022-2835
2023-03-03 00:00:00
CVSS3
4.4
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
AI Score
4.4
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVE-2022-2835