How severe is CVE-2021-27393?

CVE-2021-27393 has a CVSS v3 score of 5.3 (MEDIUM).

CVE-2021-27393

5.3MEDIUM

A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2013.08), Nucleus Source Code (Versions including affected DNS modules). The DNS client does n

Veröffentlicht: 4/22/2021Aktualisiert: 11/21/2024

Beschreibung

A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2013.08), Nucleus Source Code (Versions including affected DNS modules). The DNS client does not properly randomize UDP port numbers of DNS requests. That could allow an attacker to poison the DNS cache or spoof DNS resolving.

KI-AnalyseKI-gestützt

Betroffene Produkte

siemensnucleus_net

siemensnucleus_readystart_v3

siemensnucleus_source_code

Referenzen

https://cert-portal.siemens.com/productcert/pdf/ssa-201384.pdf
Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-201384.pdf
Vendor Advisory