Lucene search
HistoryMar 03, 2023 - 4:15 p.m.
CVE-2022-2835
coredns
internal calls
malicious user
CVSS3
4.4
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
AI Score
4.5
Confidence
High
EPSS
0
Percentile
9.0%
A flaw was found in coreDNS. This flaw allows a malicious user to reroute internal calls to some internal services that were accessed by the FQDN in a format of <service>.<namespace>.svc.
Affected configurations
Node
coredns.iocorednsMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| coredns.io | coredns | - | cpe:2.3:a:coredns.io:coredns:-:*:*:*:*:*:*:* |
Related
osv
osv
CGA-g585-m29f-fqp4
2024-06-06 12:25:56
CGA-p57j-72gg-7qfm
2024-06-06 12:28:38
CGA-35r2-m46w-fxjw
2024-06-06 12:21:27
prion
prion
Format string
2023-03-03 16:15:00
redhatcve
redhatcve
CVE-2022-2835
2022-08-16 09:08:21
cve
cve
CVE-2022-2835
2023-03-03 16:15:09
github
github
cvelist
cvelist
CVE-2022-2835
2023-03-03 00:00:00
cgr
cgr
CVE-2022-2835 vulnerabilities
2024-05-19 03:07:16
CVSS3
4.4
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
AI Score
4.5
Confidence
High
EPSS
0
Percentile
9.0%
Related for NVD:CVE-2022-2835