CVE-2022-30257
Last modified
CVE-2022-30257 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. EPSS estimates a 0.67% chance of exploitation in the next 30 days.
Description
An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and highly impactful, because the exploitation conforms to de facto DNS specifications and operational practices, and overcomes current mitigation patches for "Ghost" domain names.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Technitium | Dns Server | <= 8.0.2 |
References
- https://github.com/TechnitiumSoftware/DnsServer/blob/master/CHANGELOG.md#version-81Release Notes, Third Party Advisory
- https://github.com/TechnitiumSoftware/DnsServer/blob/master/CHANGELOG.md#version-81Release Notes, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2022-30257?
How severe is CVE-2022-30257?
How do I fix CVE-2022-30257?
Are you affected by CVE-2022-30257?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST