Vulnerabilities > CVE-2022-48256 - Infinite Loop vulnerability in Technitium DNS Server

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
technitium
CWE-835
NVD
Published: 2023-01-13
Updated: 2023-01-23

Summary

Technitium DNS Server before 10.0 allows a self-CNAME denial-of-service attack in which a CNAME loop causes an answer to contain hundreds of records.

Vulnerable Configurations

Part Description Count
Application
Technitium
1

Common Weakness Enumeration (CWE)

References