Lucene search
MitreCVE-2022-33991HistoryAug 15, 2022 - 1:15 p.m.
CVE-2022-33991
2022-08-1513:15:19
CWE-290
mitre
web.nvd.nist.gov
40
cve-2022-33991
dproxy-nexgen
dns
cd bit
dnssec
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
AI Score
5.3
Confidence
High
EPSS
0.001
Percentile
34.1%
dproxy-nexgen (aka dproxy nexgen) forwards and caches DNS queries with the CD (aka checking disabled) bit set to 1. This leads to disabling of DNSSEC protection provided by upstream resolvers.
Affected configurations
Node
dproxy-nexgen_projectdproxy-nexgenMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| dproxy-nexgen_project | dproxy-nexgen | - | cpe:2.3:a:dproxy-nexgen_project:dproxy-nexgen:-:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2022-08-15 13:15:00
cvelist
cvelist
CVE-2022-33991
2022-08-15 12:10:15
nvd
nvd
CVE-2022-33991
2022-08-15 13:15:19
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
AI Score
5.3
Confidence
High
EPSS
0.001
Percentile
34.1%
Related for CVE-2022-33991