Knot-dns - Knot Dns CVE

Filtered by vendor Knot-dns Subscribe

Filtered by product Knot Dns

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-11104	1 Knot-dns	1 Knot Dns	2020-09-18	4.3 MEDIUM	5.9 MEDIUM
Knot DNS before 2.4.5 and 2.5.x before 2.5.2 contains a flaw within the TSIG protocol implementation that would allow an attacker with a valid key name and algorithm to bypass TSIG authentication if no additional ACL restrictions are set, because of an improper TSIG validity period check.

Vulnerabilities (CVE)