Lucene search
RedhatCVE-2022-2837HistoryMar 03, 2023 - 4:15 p.m.
CVE-2022-2837
2023-03-0316:15:09
CWE-601
CWE-923
redhat
web.nvd.nist.gov
39
flaw
coredns
security
redirect
traffic
cve-2022-2837
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
6
Confidence
High
EPSS
0.001
Percentile
31.0%
A flaw was found in coreDNS. This flaw allows a malicious user to redirect traffic intended for external top-level domains (TLD) to a pod they control by creating projects and namespaces that match the TLD.
Affected configurations
Node
coredns.iocorednsMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| coredns.io | coredns | - | cpe:/a:coredns.io:coredns:-::: |
CNA Affected
[
{
"vendor": "n/a",
"product": "coreDNS",
"versions": [
{
"version": "unknown",
"status": "affected"
}
]
}
]Related
osv
osv
CGA-qmrc-6qmj-8wfg
2024-06-06 12:26:19
CGA-66wc-mcp8-329v
2024-06-06 12:24:28
CGA-q3h5-h64q-p5xg
2024-06-06 12:28:55
github
github
cgr
cgr
CVE-2022-2837 vulnerabilities
2024-05-19 03:07:16
prion
prion
Design/Logic Flaw
2023-03-03 16:15:00
redhatcve
redhatcve
CVE-2022-2837
2022-08-16 09:08:12
cvelist
cvelist
CVE-2022-2837
2023-03-03 00:00:00
nvd
nvd
CVE-2022-2837
2023-03-03 16:15:09
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
6
Confidence
High
EPSS
0.001
Percentile
31.0%
Related for CVE-2022-2837