VDB
CVE-2021-25220
CVE-2021-25220
PUBLISHED
CVSS 6.800000190734863 MEDIUM
When using forwarders, bogus NS records supplied by, or via, those forwarders may be cached and used by named if it needs to recurse for any reason, causing it to obtain and pass on potentially incor-rect answers. This could cause DNS cache poisoning that could potentially lead to a denial of service and information disclosure by an authenticated attacker.
EPSS 0.09% · 25.1th percentile
Risk Scores
CVSS v3.1
6.800000190734863
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N/E:P/RL:W/RC:C
EPSS Score
0.09%
25.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ABB | ABB M2M Gateway ARM600, firmware versions >=4.1.2|<=5.0.3 | |
| ABB | ABB M2M Gateway SW, software versions >=5.0.1|<=5.0.3 |
Timeline
- Mar 9, 2022 CVE Published
- Mar 24, 2022 EPSS Score
- Apr 9, 2022 EPSS Score
- May 14, 2022 EPSS Score
- Aug 25, 2022 EPSS Score
- Sep 14, 2022 EPSS Score
- Oct 14, 2022 EPSS Score
- Oct 31, 2022 EPSS Score
- Dec 4, 2022 EPSS Score
- Jan 24, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 16, 2023 EPSS Score
References
- https://psirt.abb.com/csaf/2025/2nga002579.json advisory
- https://library.e.abb.com/public/ffab1a14a42646c6adee38fc3de61dad/Arctic_csdepl_758860_ENf.pdf advisory
- https://library.e.abb.com/public/0498e4c0babd46aa9243aedd6f99c375/ARM600_user_758861_ENk.pdf advisory
- https://new.abb.com/service/electrification/life-cycle-management?pe_data=D42415F457244415145784545584371%7C29609824 advisory
- https://search.abb.com/library/Download.aspx?DocumentID=2NGA002579&LanguageCode=en&DocumentPartId=pdf&Action=Launch advisory
- https://search.abb.com/library/Download.aspx?DocumentID=1MRS758860&LanguageCode=en&DocumentPartId=&Action=Launch advisory
- https://nvd.nist.gov/vuln/detail/CVE-2021-25220 advisory