CVE-2023-7008

Published: Dic 23, 2023 Last Modified: Nov 04, 2025 EU-VD ID: EUVD-2023-59200 Aliases: GSD-2023-7008
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 5,9
Source: [email protected]
Attack Vector: network
Attack Complexity: high
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: high
Availability: none

Description

AI Translation Available

A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0048
Percentile
0,6th
Updated

EPSS Score Trend (Last 91 Days)

300

Channel Accessible by Non-Endpoint

Draft
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Confidentiality Integrity Access Control
Potential Impacts:
Read Application Data Modify Application Data Gain Privileges Or Assume Identity
Applicable Platforms
All platforms may be affected
View CWE Details
Application

Systemd by Systemd Project

Product Information
Vendor Systemd Project
Product Systemd
Version 25
cpe:2.3:a:systemd_project:systemd:25:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://access.redhat.com/errata/RHSA-2024:2463
https://access.redhat.com/errata/RHSA-2024:2463
https://access.redhat.com/errata/RHSA-2024:3203
https://access.redhat.com/errata/RHSA-2024:3203
https://access.redhat.com/security/cve/CVE-2023-7008
https://access.redhat.com/security/cve/CVE-2023-7008
https://bugzilla.redhat.com/show_bug.cgi?id=2222261
https://bugzilla.redhat.com/show_bug.cgi?id=2222261
https://bugzilla.redhat.com/show_bug.cgi?id=2222672
https://bugzilla.redhat.com/show_bug.cgi?id=2222672
https://github.com/systemd/systemd/issues/25676
https://github.com/systemd/systemd/issues/25676
https://lists.debian.org/debian-lts-announce/2024/09/msg000…
https://lists.debian.org/debian-lts-announce/2024/09/msg00001.html
https://lists.fedoraproject.org/archives/list/package-annou…
https://lists.fedoraproject.org/archives/list/[email protected]
https://lists.fedoraproject.org/archives/list/package-annou…
https://lists.fedoraproject.org/archives/list/[email protected]
https://security.netapp.com/advisory/ntap-20241122-0004/
https://security.netapp.com/advisory/ntap-20241122-0004/
https://access.redhat.com/errata/RHSA-2024:2463
https://access.redhat.com/errata/RHSA-2024:2463
https://access.redhat.com/errata/RHSA-2024:3203
https://access.redhat.com/errata/RHSA-2024:3203
https://access.redhat.com/security/cve/CVE-2023-7008
https://access.redhat.com/security/cve/CVE-2023-7008
https://bugzilla.redhat.com/show_bug.cgi?id=2222261
https://bugzilla.redhat.com/show_bug.cgi?id=2222261
https://bugzilla.redhat.com/show_bug.cgi?id=2222672
https://bugzilla.redhat.com/show_bug.cgi?id=2222672
https://github.com/systemd/systemd/issues/25676
https://github.com/systemd/systemd/issues/25676