VDB

GCVE-110-CERTCC-2014-210620

GCVE-110-CERTCC-2014-210620
Advisory PublishedCVSS 6.8/10
Vulnetix · Advisory published November 3, 2014
The DNS resolver implemented in uIP and lwIP is vulnerable to cache poisoning due to non-randomized transaction IDs (TXIDs) and source port reuse.

Risk Scores

CVSS 2.0
6.8/10
Medium · AV:N/AC:M/Au:N/C:P/I:P/A:P
certcc-cam
certcc-cam
impact0population0exploitation0widely_known0score_current0ease_of_exploitation0
certcc-vrda
certcc-vrda
d1_impact3d1_population3d1_direct_report1
certcc-cvss-temporal-env
certcc-cvss-temporal-env
temporal_score5remediation_levelOFreport_confidenceCenvironmental_score5.04511739268863target_distributionNDenvironmental_vectorCDP:ND/TD:ND/CR:ND/IR:ND/AR:ND

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›