VDB
CVE-2020-25926
CVE-2020-25926
PUBLISHED
CVSS 7.5 HIGH
The DNS client in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Insufficient entropy in the DNS transaction id. The impact is: DNS cache poisoning (remote). The component is: dns_query_type(). The attack vector is: a specific DNS response packet.
EPSS 0.29% · 52.6th percentile
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score
0.29%
52.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| hcc-embedded | nichestack_tcp\/ip | 4.0.1 |
Exploit Intelligence
Timeline
- Aug 18, 2021 CVE Published
- Aug 19, 2021 EPSS Score
- Oct 16, 2021 EPSS Score
- Dec 14, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 10, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Apr 10, 2022 EPSS Score
- Jun 7, 2022 EPSS Score
- Aug 5, 2022 EPSS Score
- Oct 3, 2022 EPSS Score
- Nov 30, 2022 EPSS Score