CVE-2024-0874 - OpenCVE

A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Redhat	Acm Logging Openshift

No data.

Package	CPE	Advisory	Released Date
Red Hat OpenShift Container Platform 4.13
openshift4/ose-coredns:v4.13.0-202408260940.p0.ge70f097.assembly.stream.el8	cpe:/a:redhat:openshift:4.13::el8	RHSA-2024:6009	2024-09-04T00:00:00Z
Red Hat OpenShift Container Platform 4.14
openshift4/ose-coredns:v4.14.0-202408260910.p0.gfdd6037.assembly.stream.el8	cpe:/a:redhat:openshift:4.14::el8	RHSA-2024:6406	2024-09-11T00:00:00Z
Red Hat OpenShift Container Platform 4.15
openshift4/ose-coredns-rhel9:v4.15.0-202407230407.p0.g1326282.assembly.stream.el9	cpe:/a:redhat:openshift:4.15::el9	RHSA-2024:4850	2024-07-31T00:00:00Z
Red Hat OpenShift Container Platform 4.16
openshift4/ose-coredns-rhel9:v4.16.0-202406131906.p0.g04d84f7.assembly.stream.el9	cpe:/a:redhat:openshift:4.16::el9	RHSA-2024:0041	2024-06-27T00:00:00Z

References

Link	Providers
https://access.redhat.com/errata/RHSA-2024:0041
https://access.redhat.com/errata/RHSA-2024:4850
https://access.redhat.com/errata/RHSA-2024:6009
https://access.redhat.com/errata/RHSA-2024:6406
https://access.redhat.com/security/cve/CVE-2024-0874
https://bugzilla.redhat.com/show_bug.cgi?id=2219234
https://github.com/coredns/coredns/issues/6186
https://github.com/coredns/coredns/pull/6354
https://nvd.nist.gov/vuln/detail/CVE-2024-0874
https://www.cve.org/CVERecord?id=CVE-2024-0874

History

Wed, 11 Sep 2024 22:15:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
References		https://access.redhat.com/errata/RHSA-2024:6406

Wed, 04 Sep 2024 10:45:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:openshift:4.13::el8 cpe:/a:redhat:openshift:4.13::el9
References		https://access.redhat.com/errata/RHSA-2024:6009

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2024-04-25T16:22:44.182Z

Updated: 2024-09-16T16:40:45.968Z

Reserved: 2024-01-24T23:42:08.424Z

Link: CVE-2024-0874

Vulnrichment

Updated: 2024-08-01T18:18:18.998Z

NVD

Status : Awaiting Analysis

Published: 2024-04-25T17:15:47.083

Modified: 2024-09-11T22:15:01.933

Link: CVE-2024-0874

Redhat

Severity : Moderate

Publid Date: 2023-07-03T00:00:00Z

Links: CVE-2024-0874 - Bugzilla

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object