CVE-2020-5591

2020-06-0510:05:15

jpcert

www.cve.org

AI Score

7.6

Confidence

High

EPSS

0.002

Percentile

57.3%

JSON

XACK DNS 1.11.0 to 1.11.4, 1.10.0 to 1.10.8, 1.8.0 to 1.8.23, 1.7.0 to 1.7.18, and versions before 1.7.0 allow remote attackers to cause a denial of service condition resulting in degradation of the recursive resolver’s performance or compromising the recursive resolver as a reflector in a reflection attack.

CNA Affected

[
  {
    "product": "XACK DNS",
    "vendor": "XACK, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "1.11.0 to 1.11.4, 1.10.0 to 1.10.8, 1.8.0 to 1.8.23, 1.7.0 to 1.7.18, and versions before 1.7.0"
      }
    ]
  }
]

References

jvn.jp/en/jp/JVN40208370/index.html

xack.co.jp/info/?ID=622