Vulnerabilities > CVE-2020-25926 - Insufficient Entropy vulnerability in Hcc-Embedded Nichestack Tcp/Ip 4.0.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE Summary
The DNS client in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Insufficient entropy in the DNS transaction id. The impact is: DNS cache poisoning (remote). The component is: dns_query_type(). The attack vector is: a specific DNS response packet.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |