QwikSec

Security Database

CVE

CWE

Training

CVE-2024-0874

Published: Apr 25, 2024

Modified: Jun 2, 2026

PUBLISHED

CVSS v3.1

5.3

MEDIUM

Description

A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching.

Vendor	Product	Versions
Unknown	coredns	affected `0 - < 1.11.2`
Red Hat	Red Hat OpenShift Container Platform 4.13	unaffected `v4.13.0-202408260940.p0.ge70f097.assembly.stream.el8 - < *`
Red Hat	Red Hat OpenShift Container Platform 4.14	unaffected `v4.14.0-202408260910.p0.gfdd6037.assembly.stream.el8 - < *`
Red Hat	Red Hat OpenShift Container Platform 4.15	unaffected `v4.15.0-202407230407.p0.g1326282.assembly.stream.el9 - < *`
Red Hat	Red Hat OpenShift Container Platform 4.16	unaffected `v4.16.0-202406131906.p0.g04d84f7.assembly.stream.el9 - < *`
Red Hat	Logging Subsystem for Red Hat OpenShift	All versions
Red Hat	Red Hat Advanced Cluster Management for Kubernetes 2	All versions

Weaknesses (CWE)

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

None

References

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

https://access.redhat.com/security/cve/CVE-2024-0874

vdb-entry

x_refsource_REDHAT

issue-tracking

x_refsource_REDHAT

https://github.com/coredns/coredns/issues/6186

https://github.com/coredns/coredns/pull/6354

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.