Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistRedhatCVELIST:CVE-2020-14312
HistoryFeb 05, 2021 - 11:16 p.m.

CVE-2020-14312

2021-02-0523:16:33
CWE-284
redhat
www.cve.org
6
dnsmasq
default configuration
ddos

AI Score

5.7

Confidence

High

EPSS

0.001

Percentile

36.9%

JSON

A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior to 31 and in all versions Red Hat Enterprise Linux, where it listens on any interface and accepts queries from addresses outside of its local subnet. In particular, the option local-service is not enabled. Running dnsmasq in this manner may inadvertently make it an open resolver accessible from any address on the internet. This flaw allows an attacker to conduct a Distributed Denial of Service (DDoS) against other systems.

CNA Affected

[
  {
    "product": "dnsmasq",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Fedora version prior to 31"
      },
      {
        "status": "affected",
        "version": "all RHEL versions"
      }
    ]
  }
]

Related

openvas 19
nessus 22
ubuntucve 1
mageia 1
fedora 4
cve 1
amazon 1
debiancve 1
prion 1
redhatcve 1
nvd 1
osv 1
suse 2
openvas
openvas
Huawei EulerOS: Security Advisory for dnsmasq (EulerOS-SA-2022-2760)
2022-11-14 00:00:00
Huawei EulerOS: Security Advisory for dnsmasq (EulerOS-SA-2024-1678)
2024-05-17 00:00:00
Fedora: Security Advisory for dnsmasq (FEDORA-2020-54760174b6)
2020-10-06 00:00:00
nessus
nessus
EulerOS Virtualization 3.0.6.0 : dnsmasq (EulerOS-SA-2024-1678)
2024-05-17 00:00:00
EulerOS Virtualization 2.9.1 : dnsmasq (EulerOS-SA-2023-1189)
2023-01-11 00:00:00
Fedora 33 : dnsmasq (2020-54760174b6)
2020-10-08 00:00:00
ubuntucve
ubuntucve
CVE-2020-14312
2021-02-06 00:00:00
mageia
mageia
Updated dnsmasq packages fix security vulnerability
2020-08-01 02:25:42
fedora
fedora
[SECURITY] Fedora 32 Update: dnsmasq-2.81-5.fc32
2020-10-17 14:09:19
[SECURITY] Fedora 32 Update: dnsmasq-2.81-4.fc32
2020-07-21 01:03:33
[SECURITY] Fedora 31 Update: dnsmasq-2.80-16.fc31
2020-07-16 01:24:34
cve
cve
CVE-2020-14312
2021-02-06 00:15:12
amazon
amazon
Medium: dnsmasq
2020-07-31 19:20:00
debiancve
debiancve
CVE-2020-14312
2021-02-06 00:15:12
prion
prion
Default configuration
2021-02-06 00:15:00
redhatcve
redhatcve
CVE-2020-14312
2020-06-30 09:51:13
nvd
nvd
CVE-2020-14312
2021-02-06 00:15:12
osv
osv
dnsmasq-2.86-3.1 on GA media
2024-06-15 00:00:00
suse
suse
Security update for dnsmasq (moderate)
2021-10-31 00:00:00
Security update for dnsmasq (moderate)
2021-10-27 00:00:00

AI Score

5.7

Confidence

High

EPSS

0.001

Percentile

36.9%

JSON
Related for CVELIST:CVE-2020-14312
openvas19nessus22ubuntucve1mageia1fedora4cve1amazon1debiancve1prion1redhatcve1nvd1osv1suse2