VDB

CVE-2020-25926

CVE-2020-25926 PUBLISHED CVSS 7.5 HIGH

The DNS client in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Insufficient entropy in the DNS transaction id. The impact is: DNS cache poisoning (remote). The component is: dns_query_type(). The attack vector is: a specific DNS response packet.

EPSS 0.29% · 52.6th percentile

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score
0.29%
52.6th percentile

Affected Products

VendorProductVersions
n/an/an/a
hcc-embeddednichestack_tcp\/ip4.0.1

Timeline

  • Aug 18, 2021 CVE Published
  • Aug 19, 2021 EPSS Score
  • Oct 16, 2021 EPSS Score
  • Dec 14, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 10, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • Apr 10, 2022 EPSS Score
  • Jun 7, 2022 EPSS Score
  • Aug 5, 2022 EPSS Score
  • Oct 3, 2022 EPSS Score
  • Nov 30, 2022 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›