Lucene search

PRIOn knowledge basePRION:CVE-2020-5591

HistoryJun 05, 2020 - 6:15 p.m.

Race condition

2020-06-0518:15:00

PRIOn knowledge base

www.prio-n.com

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

56.6%

JSON

XACK DNS 1.11.0 to 1.11.4, 1.10.0 to 1.10.8, 1.8.0 to 1.8.23, 1.7.0 to 1.7.18, and versions before 1.7.0 allow remote attackers to cause a denial of service condition resulting in degradation of the recursive resolver’s performance or compromising the recursive resolver as a reflector in a reflection attack.

CPENameOperatorVersion
xack_dnsle1.7.18
xack_dnsge1.8.0
xack_dnsle1.8.23
xack_dnsge1.10.0
xack_dnsle1.10.8
xack_dnsge1.11.0
xack_dnsle1.11.4

Name	Operator	Version
xack_dns	le	1.7.18
xack_dns	ge	1.8.0
xack_dns	le	1.8.23
xack_dns	ge	1.10.0
xack_dns	le	1.10.8
xack_dns	ge	1.11.0
xack_dns	le	1.11.4

References

jvn.jp/en/jp/JVN40208370/index.html

xack.co.jp/info/?ID=622

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

56.6%

JSON

Related for PRION:CVE-2020-5591