vendor:
Windows DNS Server
by:
5.5
CVSS
MEDIUM
Spoofing
451
CWE
Product Name: Windows DNS Server
Affected Version From:
Affected Version To:
Patch Exists: YES
Related CWE:
CPE: o:microsoft:windows
Platforms Tested: Windows
Microsoft Windows DNS Server Spoofing Vulnerability
The vulnerability allows an attacker to spoof responses to DNS requests, corrupting the DNS cache with attacker-specified content. This can aid in further attacks such as phishing.
Mitigation:
Apply the appropriate security updates provided by Microsoft to address this vulnerability. Additionally, it is recommended to restrict access to the DNS server to trusted sources only.