CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L
AI Score
Confidence
High
EPSS
Percentile
9.4%
A flaw was found in the dnsjava package, a DNS implementation written in the Java language. The dnsjava package does not properly check the DNS resource records (RR) relevancy to the DNS query being processed, allowing an attacker to respond to the DNS request with RRs from different zones. This issue may lead to data integrity and confidentiality issues for applications, which due to DNSSEC specifications, might assume the returned RRs are authentic.
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.