How severe is CVE-2021-27393?

CVE-2021-27393 has a CVSS v3 score of 5.3 (MEDIUM).

CVE-2021-27393

5.3MEDIUM

A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2013.08), Nucleus Source Code (Versions including affected DNS modules). The DNS client does n

Publicado: 4/22/2021Actualizado: 11/21/2024

Descripción

A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2013.08), Nucleus Source Code (Versions including affected DNS modules). The DNS client does not properly randomize UDP port numbers of DNS requests. That could allow an attacker to poison the DNS cache or spoof DNS resolving.

Análisis IAImpulsado por IA

Productos Afectados

siemensnucleus_net

siemensnucleus_readystart_v3

siemensnucleus_source_code

Referencias

https://cert-portal.siemens.com/productcert/pdf/ssa-201384.pdf
Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-201384.pdf
Vendor Advisory