Lucene search
HistoryDec 23, 2023 - 1:15 p.m.
CVE-2023-7008
vulnerability
systemd-resolved
dnssec
unsigned records
manipulation
cve-2023-7008
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
27.9%
A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.
Affected configurations
Node
systemd_projectsystemdMatch25
debiandebian_linuxMatch8.0
ORdebiandebian_linuxMatch9.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| systemd_project | systemd | 25 | cpe:2.3:a:systemd_project:systemd:25:*:*:*:*:*:*:* |
| debian | debian_linux | 8.0 | cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* |
| debian | debian_linux | 9.0 | cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* |
Related
veracode
veracode
Man-in-the-Middle (MitM)
2023-12-26 06:18:11
prion
prion
Design/Logic Flaw
2023-12-23 13:15:00
openvas
openvas
Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2024-1230)
2024-03-12 00:00:00
Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2024-1327)
2024-03-13 00:00:00
Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2024-1499)
2024-04-08 00:00:00
almalinux
almalinux
Moderate: systemd security update
2024-04-30 00:00:00
Moderate: systemd security update
2024-05-22 00:00:00
nessus
nessus
EulerOS 2.0 SP11 : systemd (EulerOS-SA-2024-1252)
2024-03-12 00:00:00
EulerOS Virtualization 2.11.1 : systemd (EulerOS-SA-2024-1622)
2024-05-15 00:00:00
EulerOS 2.0 SP9 : systemd (EulerOS-SA-2024-1520)
2024-04-08 00:00:00
cve
cve
CVE-2023-7008
2023-12-23 13:15:07
debiancve
debiancve
CVE-2023-7008
2023-12-23 13:15:07
fedora
fedora
[SECURITY] Fedora 39 Update: systemd-254.8-2.fc39
2024-01-24 01:30:31
[SECURITY] Fedora 38 Update: systemd-253.15-2.fc38
2024-01-27 02:13:16
osv
osv
CVE-2023-7008
2023-12-23 13:15:07
Moderate: systemd security update
2024-04-30 00:00:00
Security update for systemd
2024-09-05 15:05:38
cvelist
cvelist
ubuntucve
ubuntucve
CVE-2023-7008
2023-12-23 00:00:00
oraclelinux
oraclelinux
systemd security update
2024-05-23 00:00:00
systemd security update
2024-05-03 00:00:00
rocky
rocky
systemd security update
2024-05-10 14:32:36
cbl_mariner
cbl_mariner
CVE-2023-7008 affecting package systemd for versions less than 123
2024-09-27 09:12:43
redhatcve
redhatcve
CVE-2023-7008
2023-12-20 16:00:37
redhat
redhat
(RHSA-2024:2463) Moderate: systemd security update
2024-04-30 06:15:46
(RHSA-2024:3203) Moderate: systemd security update
2024-05-22 06:35:57
redos
redos
ROS-20240425-05
2024-04-25 00:00:00
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
27.9%
Related for NVD:CVE-2023-7008