Denial of Service Vulnerability in Knot DNS by CZ.NIC
CVE-2014-0486

7.5HIGH

Key Information:

Vendor: Nic
Status: Knot Cms
Vendor: CVE Published:; 27 March 2018

🔔 Create Nic Vulnerability Alert

What is CVE-2014-0486?

Knot DNS versions prior to 1.5.2 are susceptible to a denial of service attack, allowing remote attackers to crash the application by sending specially crafted DNS messages. This vulnerability poses a risk to service availability, disrupting operational functionality.

References

https://gitlab.labs.nic.cz/knot/knot-dns/issues/294

x_refsource_CONFIRM

http://www.securityfocus.com/bid/70097

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/96185

vdb-entryx_refsource_XF

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 27, 2018
Vulnerability Reserved
Dec 19, 2013

CVE-2014-0486 Data

.