QwikSec

Security Database

CVE

CWE

Training

CVE-2023-7008

Published: Dec 23, 2023

Modified: Nov 6, 2025

PUBLISHED

CVSS v3.1

5.9

MEDIUM

Description

A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.

Vendor	Product	Versions
Red Hat	Red Hat Enterprise Linux 8	unaffected `0:239-82.el8 - < *`
Red Hat	Red Hat Enterprise Linux 9	unaffected `0:252-32.el9_4 - < *`
Red Hat	Red Hat Enterprise Linux 9	unaffected `0:252-32.el9_4 - < *`
Red Hat	Cryostat 2	All versions

Weaknesses (CWE)

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

None

References

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

https://access.redhat.com/security/cve/CVE-2023-7008

vdb-entry

x_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=2222261

issue-tracking

x_refsource_REDHAT

https://github.com/systemd/systemd/issues/25676

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.