CVE-2022-2795

By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.

Published: Sep 21, 2022
Updated: May 9, 2024
CVE: CVE-2022-2795
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.3
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWEs:

CWE-400

Affected Software
References

Software	From	Fixed in
isc / bind	9.11.7-s1	9.11.7-s1.x
isc / bind	9.11.3-s1	9.11.3-s1.x
isc / bind	9.11.6-s1	9.11.6-s1.x
isc / bind	9.10.5-s1	9.10.5-s1.x
isc / bind	9.11.5-s5	9.11.5-s5.x
isc / bind	9.11.5-s3	9.11.5-s3.x
isc / bind	9.9.3-s1	9.9.3-s1.x
isc / bind	9.10.7-s1	9.10.7-s1.x
isc / bind	9.11.5-s6	9.11.5-s6.x
isc / bind	9.11.12-s1	9.11.12-s1.x
isc / bind	9.11.8-s1	9.11.8-s1.x
isc / bind	9.9.12-s1	9.9.12-s1.x
isc / bind	9.9.13-s1	9.9.13-s1.x
isc / bind	9.11.21-s1	9.11.21-s1.x
isc / bind	9.16.8-s1	9.16.8-s1.x
isc / bind	9.16.11-s1	9.16.11-s1.x
isc / bind	9.11.27-s1	9.11.27-s1.x
isc / bind	9.16.13-s1	9.16.13-s1.x
isc / bind	9.11.29-s1	9.11.29-s1.x
isc / bind	9.16.21-s1	9.16.21-s1.x
isc / bind	9.11.35-s1	9.11.35-s1.x
isc / bind	9.11.14-s1	9.11.14-s1.x
isc / bind	9.11.19-s1	9.11.19-s1.x
isc / bind	9.18.0	9.18.7
isc / bind	9.0.0	9.16.33
isc / bind	9.19.0	9.19.5
isc / bind	9.11.37-s1	9.11.37-s1.x
isc / bind	9.16.32-s1	9.16.32-s1.x
debian / debian_linux	10.0	10.0.x
debian / debian_linux	11.0	11.0.x
fedoraproject / fedora	35	35.x
fedoraproject / fedora	36	36.x
fedoraproject / fedora	37	37.x

Vulnerability Database

289,689

CVE-2022-2795