| Vulnerability Name: | CCN-149454 | ||||||
| Published: | 2018-09-04 | ||||||
| Updated: | 2018-09-04 | ||||||
| Summary: | Multiple routers could allow a remote attacker from within the local network to obtain sensitive information, caused by problems with automatic DNS registration and autodiscovery. By adding a malicious device to the network with the name 'WPAD', an attacker could exploit this vulnerability using DNS autoregistration and autodiscovery to act as a proxy for victims on the network to obtain sensitive information and trigger the loss of integrity of any network activity. | ||||||
| CVSS v3 Severity: | 6.4 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N) 5.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C)
| ||||||
| CVSS v2 Severity: | 5.9 Medium (CCN CVSS v2 Vector: AV:A/AC:H/Au:S/C:C/I:C/A:N)
| ||||||
| Vulnerability Consequences: | Obtain Information | ||||||
| References: | Source: CCN Type: US-CERT VU#598349 Problems with automatic DNS registration and autodiscovery Source: XF Type: UNKNOWN multiple-routers-wpad-info-disc(149454) Source: CCN Type: Google Project Zero Blog, Monday, December 18, 2017 aPAColypse now: Exploiting Windows 10 in a Local Network with WPAD/PAC and JScript Source: CCN Type: ADTSA-201804 Problems with automatic DNS registration and autodiscovery Source: CCN Type: Synology-SA-18:53 Web Proxy Auto-Discovery | ||||||
| Vulnerable Configuration: | Configuration CCN 1: Denotes that component is vulnerable | ||||||
| BACK | |||||||