CVE-2022-2837

MEDIUM Year: 2022
CVSS v3 Score
6.1
Medium
Weakness Type
CWE-923
View all →

Vulnerability Description

A flaw was found in coreDNS. This flaw allows a malicious user to redirect traffic intended for external top-level domains (TLD) to a pod they control by creating projects and namespaces that match the TLD.

Related Vulnerabilities

CVE-2024-36252

MEDIUM
CVSS:6.3(Medium)

Improper restriction of communication channel to intended endpoints issue exists in Ricoh Streamline NX PC Client ver.3.6.x and earlier. If this vulnerability is exploited, arbitrary code may be execu...

CWE-9232024

CVE-2025-31144

MEDIUM
CVSS:5.8(Medium)

Quick Agent V3 and Quick Agent V2 contain an issue with improper restriction of communication channel to intended endpoints. If exploited, a remote unauthenticated attacker may attempt to log in to an...

CWE-9232025

CVE-2024-39537

MEDIUM
CVSS:6.5(Medium)

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenticated, network-based attacker to cause ...

CWE-9232024

CVE-2022-38125

MEDIUM
CVSS:5.5(Medium)

Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Secomea SiteManager (FTP Agent modules) allows Exploiting Trust in Client.

CWE-9232022

CVE-2024-47125

HIGH
CVSS:5.4(Medium)

The goTenna Pro App does not authenticate public keys which allows an unauthenticated attacker to manipulate messages. It is advised to update your app to the current release for enhanced encryption p...

CWE-9232024

CVE-2022-43916

MEDIUM
CVSS:6.8(Medium)

IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, and 12.7 Pods do ...

CWE-9232022