CVE-2017-10874

PWR-Q200 does not use random values for source ports of DNS query packets, which allows remote attackers to conduct DNS cache poisoning…

jpcert·CWE-330·Published 2017-12-01

CVSS

—

EPSS

0.01

KEV

Exploits

cve.orgen

144 chars

PWR-Q200 does not use random values for source ports of DNS query packets, which allows remote attackers to conduct DNS cache poisoning attacks.

NVDen

144 chars

PWR-Q200 does not use random values for source ports of DNS query packets, which allows remote attackers to conduct DNS cache poisoning attacks.

NVDes

200 chars

PWR-Q200 no utiliza valores aleatorios para los puertos de origen de los paquetes de consultas DNS, lo que permite que los atacantes remotos realicen ataques de envenenamiento de la memoria caché DNS.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N
3.0	Primary	NVD	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N