0% found this document useful (0 votes)

12 views

NVD - CVE-2022-2837

CVE-2022-2837 describes a vulnerability in coreDNS that allows malicious users to redirect traffic for external top-level domains to controlled pods. The CVSS base score for this vulnerability is 6.1, indicating a medium severity level. The document includes references to advisories and tools for mitigation, as well as details on affected software configurations.

Uploaded by

vinaybhadeshiya6

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

12 views

NVD - CVE-2022-2837

Uploaded by

vinaybhadeshiya6

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 3

An official website of the United States government Here's how you know

NVD

VULNERABILITIES

CVE-2022-2837 Detail
MODIFIED

This CVE record has been updated after NVD enrichment efforts were completed. Enrichment

data supplied by the NVD may require amendment due to these changes.

Description
A flaw was found in coreDNS. This flaw allows a malicious user to redirect traffic intended for

external top-level domains (TLD) to a pod they control by creating projects and namespaces that

match the TLD.

Metrics CVSS Version 4.0 CVSS Version 3.x CVSS Version 2.0

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information

contributed by other sources is also displayed.

CVSS 3.x Severity and Vector Strings:

NIST: NVD

Base Score: 6.1 MEDIUM

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other

web sites because they may have information that would be of interest to you. No inferences should

be drawn on account of other sites being referenced, or not, from this page. There may be other web

sites that are more appropriate for your purpose. NIST does not necessarily endorse the views

expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any

commercial products that may be mentioned on these sites. Please address comments about this

page to [email protected].

Hyperlink Resource

https://bugzilla.redhat.com/show_bug.cgi? Issue Tracking Mitigation Third Party Advisory

id=2118543

https://bugzilla.redhat.com/show_bug.cgi? Issue Tracking Mitigation Third Party Advisory

id=2118543
Weakness Enumeration
CWE-ID CWE Name Source

CWE-601 URL Redirection to Untrusted Site ('Open Redirect') NIST

CWE-923 Improper Restriction of Communication Channel to Intended Endpoints Red Hat, Inc.

Known Affected Software Configurations Switch to CPE 2.2

Configuration 1 ( hide )

cpe:2.3:a:coredns.io:coredns:-:*:*:*:*:*:*:*

Show Matching CPE(s)

 Denotes Vulnerable Software

Are we missing a CPE here? Please let us know.

Change History
3 change records found show changes

QUICK INFO

CVE Dictionary Entry:

CVE-2022-2837      
NVD Published Date:

03/03/2023

NVD Last Modified:

11/21/2024

Source:
HEADQUARTERS
100 Bureau Drive
Red Hat, Inc.
Gaithersburg, MD 20899
(301) 975-2000

Webmaster | Contact Us | Our Other Offices

Incident Response Assistance and Non-NVD Related
Technical Cyber Security Questions:
US-CERT Security Operations Center
Email: [email protected]
Phone: 1-888-282-0870

VCCGenerator - Valid Credit Card Generator 2021 (
100% (1)
VCCGenerator - Valid Credit Card Generator 2021 (
1 page
Certified Ethical Hacker (CEH V13) Practice Exam Guide
From Everand
Certified Ethical Hacker (CEH V13) Practice Exam Guide
Steve Brown
No ratings yet
Lab 4 Vulnerability Analysis
100% (1)
Lab 4 Vulnerability Analysis
98 pages
Itt459 Individual Assignment
No ratings yet
Itt459 Individual Assignment
28 pages
Credit Card Cloning
100% (1)
Credit Card Cloning
2 pages
Radio Frequency Identification Access Control System - Toll Gate
No ratings yet
Radio Frequency Identification Access Control System - Toll Gate
2 pages
Fated by Anindana PDF
100% (3)
Fated by Anindana PDF
516 pages
Sample Form Legal Opinion Letter - Accountant
No ratings yet
Sample Form Legal Opinion Letter - Accountant
4 pages
Safe Schools Spreadsheet - Combined
No ratings yet
Safe Schools Spreadsheet - Combined
43 pages
University of California Student Tuition, Fees and Receivables Audit Program
No ratings yet
University of California Student Tuition, Fees and Receivables Audit Program
8 pages
NVD - CVE-2022-2839
No ratings yet
NVD - CVE-2022-2839
3 pages
NVD - Cve-2023-22680
No ratings yet
NVD - Cve-2023-22680
3 pages
NVD - Cve-2020-19268
No ratings yet
NVD - Cve-2020-19268
3 pages
Assignment 1 - CSCI2303-Threat Hunting Template
No ratings yet
Assignment 1 - CSCI2303-Threat Hunting Template
5 pages
NVD - Cve-2023-22678
No ratings yet
NVD - Cve-2023-22678
3 pages
NVD - Cve-2023-22681
No ratings yet
NVD - Cve-2023-22681
3 pages
NVD - Results
No ratings yet
NVD - Results
2 pages
NVD - Cve-2022-22679
No ratings yet
NVD - Cve-2022-22679
3 pages
NVD - CVE-2022-2838
No ratings yet
NVD - CVE-2022-2838
3 pages
NVD - CVE-2024-2726
No ratings yet
NVD - CVE-2024-2726
3 pages
978-3-030-52683-2_Chapter_1
No ratings yet
978-3-030-52683-2_Chapter_1
20 pages
Honeywell XL Web II Controller Vulnerabilities - CISA
No ratings yet
Honeywell XL Web II Controller Vulnerabilities - CISA
11 pages
VA_RE_Lec2
No ratings yet
VA_RE_Lec2
19 pages
EN - CVE Details
No ratings yet
EN - CVE Details
4 pages
Entry_Creation
No ratings yet
Entry_Creation
23 pages
CVE exchange server
No ratings yet
CVE exchange server
3 pages
Difference CVE CWE and NVD
100% (1)
Difference CVE CWE and NVD
3 pages
1 s2.0 S0167404823001967 Main
No ratings yet
1 s2.0 S0167404823001967 Main
12 pages
NVD - Cve-2023-22677
No ratings yet
NVD - Cve-2023-22677
3 pages
NVD - cve-2019-2840
No ratings yet
NVD - cve-2019-2840
3 pages
KHKJGHBN
No ratings yet
KHKJGHBN
5 pages
Chapter 5 - Finding Vulnerabilities
No ratings yet
Chapter 5 - Finding Vulnerabilities
41 pages
Vulnerabilities
No ratings yet
Vulnerabilities
3 pages
19bcs2848 Exp 5 SWL
No ratings yet
19bcs2848 Exp 5 SWL
6 pages
CVE Presentation
No ratings yet
CVE Presentation
17 pages
Common Vulnerabilities and Exposures Project Report
No ratings yet
Common Vulnerabilities and Exposures Project Report
22 pages
Nexpose Audit Report
No ratings yet
Nexpose Audit Report
376 pages
Effective Vulnerability Management: Managing Risk in the Vulnerable Digital Ecosystem
From Everand
Effective Vulnerability Management: Managing Risk in the Vulnerable Digital Ecosystem
Chris Hughes
5/5 (1)
x Talk Martin
No ratings yet
x Talk Martin
5 pages
CWE - CWE-837 - Improper Enforcement of A Single, Unique Action (4.15)
No ratings yet
CWE - CWE-837 - Improper Enforcement of A Single, Unique Action (4.15)
2 pages
Cyberpwn 2
No ratings yet
Cyberpwn 2
25 pages
NVD - Cve-2023-36802
No ratings yet
NVD - Cve-2023-36802
3 pages
SoftSec 02 Vulnerabilities
No ratings yet
SoftSec 02 Vulnerabilities
47 pages
Module 8 - Endpoint Security and Analysis
No ratings yet
Module 8 - Endpoint Security and Analysis
40 pages
(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide
From Everand
(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide
Ben Malisow
No ratings yet
loadPdf (1).pdfag36
No ratings yet
loadPdf (1).pdfag36
6 pages
5.vulnerability Analysis
100% (1)
5.vulnerability Analysis
18 pages
Final Del Formulario: PHP PHP 5.2.3
No ratings yet
Final Del Formulario: PHP PHP 5.2.3
2 pages
Cisa-Ssvc-Guide 508c - 221114 - 105826
No ratings yet
Cisa-Ssvc-Guide 508c - 221114 - 105826
11 pages
Red Hat Open Approach Vulnerability Management 1 - 2
No ratings yet
Red Hat Open Approach Vulnerability Management 1 - 2
23 pages
NVD - Cve-2019-15472
No ratings yet
NVD - Cve-2019-15472
5 pages
Coordinated Vulnerability Disclosure: The Guideline
No ratings yet
Coordinated Vulnerability Disclosure: The Guideline
28 pages
CISSP - Certified Information Systems Security Professional Exam Preparation Study Guide
From Everand
CISSP - Certified Information Systems Security Professional Exam Preparation Study Guide
Georgio Daccache
5/5 (1)
Developer Report
No ratings yet
Developer Report
16 pages
Practical 7
No ratings yet
Practical 7
5 pages
Cloud Security: A Comprehensive Guide to Secure Cloud Computing
From Everand
Cloud Security: A Comprehensive Guide to Secure Cloud Computing
Ronald L. Krutz
No ratings yet
16 CVSS
No ratings yet
16 CVSS
23 pages
Baseintrorpyecto
No ratings yet
Baseintrorpyecto
2 pages
Debugging The System Reformin
No ratings yet
Debugging The System Reformin
25 pages
NIST Cybersecurity Framework (CSF) For Information Systems Security: NIST Cybersecurity Framework (CSF), #1
From Everand
NIST Cybersecurity Framework (CSF) For Information Systems Security: NIST Cybersecurity Framework (CSF), #1
Bruce Brown, CISSP
No ratings yet
State Threat Exp Rep
No ratings yet
State Threat Exp Rep
37 pages
Network Vulnerability Scan With Openvas Report
No ratings yet
Network Vulnerability Scan With Openvas Report
4 pages
NVD - Cve-2023-20268 (Ii)
No ratings yet
NVD - Cve-2023-20268 (Ii)
4 pages
Certified Ethical Hacker (CEH v12) Exam Preparation
From Everand
Certified Ethical Hacker (CEH v12) Exam Preparation
Georgio Daccache
No ratings yet
08 Vulnerability Defense and Penetration Testing (2)
No ratings yet
08 Vulnerability Defense and Penetration Testing (2)
40 pages
Csa Chinese Exploit Vulnerabilities Uoo179811
No ratings yet
Csa Chinese Exploit Vulnerabilities Uoo179811
6 pages
Automated Mapping of Common Vulnerabilities and Ex
No ratings yet
Automated Mapping of Common Vulnerabilities and Ex
19 pages
CVEIDs and How To Get Them
No ratings yet
CVEIDs and How To Get Them
20 pages
NVD - CVE-2023-2841
No ratings yet
NVD - CVE-2023-2841
4 pages
AnupamaNilekar_29112024
No ratings yet
AnupamaNilekar_29112024
1 page
CWE - CWE-400 - Uncontrolled Resource Consumption (4.14)
No ratings yet
CWE - CWE-400 - Uncontrolled Resource Consumption (4.14)
1 page
Cwe - Cwe-550 2
No ratings yet
Cwe - Cwe-550 2
1 page
CWE - CWE-209 - Generation of Error Message Containing Sensitive Information (4.14)
No ratings yet
CWE - CWE-209 - Generation of Error Message Containing Sensitive Information (4.14)
2 pages
NVD - Cve-2023-20268
No ratings yet
NVD - Cve-2023-20268
4 pages
CWE - CWE-102 - Struts - Duplicate Validation Forms (4.14)
No ratings yet
CWE - CWE-102 - Struts - Duplicate Validation Forms (4.14)
1 page
Iv-Ii Technical Seminar Faculty Incharges-Students
No ratings yet
Iv-Ii Technical Seminar Faculty Incharges-Students
11 pages
PTW Coordinator
No ratings yet
PTW Coordinator
3 pages
Unix Scripts
No ratings yet
Unix Scripts
3 pages
Rail - Fence Cipher
100% (2)
Rail - Fence Cipher
2 pages
ConstructiION 10122016
No ratings yet
ConstructiION 10122016
2 pages
SIP, Security and Firewalls White Paper
No ratings yet
SIP, Security and Firewalls White Paper
10 pages
Ruth Cindy Sitorus HLP Cizfil Pku Flight - Originating
No ratings yet
Ruth Cindy Sitorus HLP Cizfil Pku Flight - Originating
2 pages
Huawei E5331 Quick Start (v100r001 01, En)
No ratings yet
Huawei E5331 Quick Start (v100r001 01, En)
22 pages
Interview For Fannie Mae
No ratings yet
Interview For Fannie Mae
3 pages
Sparsh (Civil) 13
No ratings yet
Sparsh (Civil) 13
9 pages
2b621-657en - C Mgu-1000a Operation M
100% (1)
2b621-657en - C Mgu-1000a Operation M
166 pages
Open Doc Man
No ratings yet
Open Doc Man
9 pages
Run Commands
No ratings yet
Run Commands
3 pages
Implementing Rules RA 9184
No ratings yet
Implementing Rules RA 9184
76 pages
Privacy Enhancing Technologies
No ratings yet
Privacy Enhancing Technologies
18 pages
First Review PPT Prazwal
No ratings yet
First Review PPT Prazwal
18 pages
CPB 23 No 2
No ratings yet
CPB 23 No 2
2 pages
HT_HDFI1811240294 (1) (1)
No ratings yet
HT_HDFI1811240294 (1) (1)
1 page
YubiKey FIPS Series Public Sector Brief
No ratings yet
YubiKey FIPS Series Public Sector Brief
2 pages
Jewellery Management System
No ratings yet
Jewellery Management System
3 pages
Suraj Kumar: Transaction Details
No ratings yet
Suraj Kumar: Transaction Details
4 pages
Ups System
No ratings yet
Ups System
59 pages