6.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.101 Low
EPSS
Percentile
94.8%
Problem Description:
The BIND DNS implementation does not randomize the UDP source
port when doing remote queries, and the query id alone does
not provide adequate randomization.
Impact:
The lack of source port randomization reduces the amount of
data the attacker needs to guess in order to successfully
execute a DNS cache poisoning attack. This allows the
attacker to influence or control the results of DNS queries
being returned to users from target systems.
Workaround:
Limiting the group of machines that can do recursive queries
on the DNS server will make it more difficult, but not
impossible, for this vulnerability to be exploited.
To limit the machines able to perform recursive queries, add an ACL in
named.conf and limit recursion like the following:
acl example-acl {
192.0.2.0/24;
};
options {
recursion yes;
allow-recursion { example-acl; };
};
6.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.101 Low
EPSS
Percentile
94.8%