QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2021-27393

Back to search

CVE-2021-27393

Published: Apr 22, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2013.08), Nucleus Source Code (Versions including affected DNS modules). The DNS client does not properly randomize UDP port numbers of DNS requests. That could allow an attacker to poison the DNS cache or spoof DNS resolving.

VendorProductVersions

Siemens

Nucleus NET

affected
All versions

Siemens

Nucleus ReadyStart V3

affected
All versions < V2013.08

Siemens

Nucleus Source Code

affected
Versions including affected DNS modules

Weaknesses (CWE)

CWE-330

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now