4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.111 Low
EPSS
Percentile
95.1%
Problem Description:
When named(8) is operating as a recursive DNS server or
sending NOTIFY requests to slave DNS servers, named(8)
uses a predictable query id.
Impact:
An attacker who can see the query id for some request(s)
sent by named(8) is likely to be able to perform DNS cache
poisoning by predicting the query id for other request(s).
Workaround:
No workaround is available.