Home > Vulnerability Database > WS-2023-0252

Mend.io Vulnerability Database

WS-2023-0252

Good to know:

Date: July 5, 2023

graylog2-server before 5.0.9 and 5.1.x before 5.1.3 utilises only one single source port for DNS queries. An external attacker could inject forged DNS responses into a Graylog's lookup table cache. In order to prevent this, it is at least recommendable to distribute the DNS queries through a pool of distinct sockets, each of them with a random source port and renew them periodically.

Language: Java

Severity Score

6.5

Related Resources (2)

Url: https://github.com/Graylog2/graylog2-server/commit/466af814523cffae9fbc7e77bab7472988f03c3e

Url: https://www.mend.io/vulnerability-database/WS-2023-0252

Severity Score

6.5

Weakness Type (CWE)

Use of Insufficiently Random Values

CWE-330

Top Fix

Upgrade Version

Upgrade to version org.graylog2:graylog2-server:5.0.9,5.1.3

Learn More

CVSS v3.1

Base Score:	6.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	HIGH
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

WS-2023-0252

Good to know:

Date: July 5, 2023

Language: Java

Severity Score

Related Resources (2)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?