Lucene search

K
cvelistTenableCVELIST:CVE-2019-3978
HistoryOct 28, 2019 - 9:32 p.m.

CVE-2019-3978

2019-10-2821:32:57
CWE-306
tenable
www.cve.org

7.7 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.2%

RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below allow remote unauthenticated attackers to trigger DNS queries via port 8291. The queries are sent from the router to a server of the attacker’s choice. The DNS responses are cached by the router, potentially resulting in cache poisoning

CNA Affected

[
  {
    "product": "MikroTik RouterOS",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "RouterOS 6.45.6 Stable and below. RouterOS 6.44.5 Long-term and below."
      }
    ]
  }
]

7.7 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.2%