CWE-406 16 個 CVE MITRE 定義 ↗

CWE-406:Insufficient Control of Network Message Volume (Network Amplification)

概覽

CWE-406(Insufficient Control of Network Message Volume (Network Amplification))描述一種在漏洞資料庫與安全評估中使用的弱點類型;定義、背景與對應 CVE 見下方各節。

安全影響
安全影響:因產品與情境而異;請結合 CVE 紀錄、嚴重度評分與 MITRE 說明進行優先級判斷。

描述

The product does not sufficiently monitor or control transmitted network traffic volume, so that an actor can cause the product to transmit more traffic than should be allowed for that actor.

適用平台

類型 名稱 普遍性 OS / CPE
language Not Language-Specific Undetermined

本庫相關 CVE

下列 CVE 在本庫中對應到該弱點,並保留以便追溯與檢索。

CVE 公開時間 摘要
CVE-2026-45557 2026-05-19 Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network tra…
CVE-2025-58066 2025-08-29 nptd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. In versions between 1.2.0 and 1.6.1 inclusive servers which allow non-NTS traffic are affected by a d…
CVE-2021-38135 2024-11-22 Possible External Service Interaction attack in iManager has been discovered in OpenText™ iManager 3.2.6.0000.
CVE-2023-49203 2024-09-18 Technitium 11.5.3 allows remote attackers to cause a denial of service (bandwidth amplification) because the DNSBomb manipulation causes accumulation of low-rate DNS queries such that there is a large…
CVE-2023-28456 2024-09-18 An issue was discovered in Technitium through 11.0.2. It enables attackers to launch amplification attacks (3 times more than other "golden model" software like BIND) and cause potential DoS.
CVE-2023-28455 2024-09-18 An issue was discovered in Technitium through 11.0.2. The forwarding mode enables attackers to create a query loop using Technitium resolvers, launching amplification attacks and causing potential DoS…
CVE-2024-25015 2024-05-01 IBM MQ 9.2 LTS, 9.3 LTS, and 9.3 CD Internet Pass-Thru could allow a remote user to cause a denial of service by sending HTTP requests that would consume all available resources. IBM X-Force ID: 281…
CVE-2014-125036 2023-01-02 A vulnerability, which was classified as problematic, has been found in drybjed ansible-ntp. Affected by this issue is some unknown functionality of the file meta/main.yml. The manipulation leads to i…
CVE-2022-0028 2022-08-10 A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. The DoS attack would appear to originate fr…
CVE-2021-4234 2022-07-06 OpenVPN Access Server 2.10 and prior versions are susceptible to resending multiple packets in a response to a reset packet sent from the client which the client again does not respond to, resulting i…
CVE-2021-43547 2022-05-05 TwinOaks Computing CoreDX DDS versions prior to 5.9.1 are susceptible to exploitation when an attacker sends a specially crafted packet to flood target devices with unwanted traffic. This may result i…
CVE-2021-38487 2022-05-05 RTI Connext Professional versions 4.1 to 6.1.0, and Connext Micro versions 2.4 and later are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic.…
CVE-2021-38429 2022-05-05 OCI OpenDDS versions prior to 3.18.1 are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic, which may result in a denial-of-service condition a…
CVE-2021-38425 2022-05-05 eProsima Fast DDS versions prior to 2.4.0 (#2269) are susceptible to exploitation when an attacker sends a specially crafted packet to flood a target device with unwanted traffic, which may result in …
CVE-2019-14850 2021-03-18 A denial of service vulnerability was discovered in nbdkit 1.12.7, 1.14.1 and 1.15.1. An attacker could connect to the nbdkit service and cause it to perform a large amount of work in initializing bac…
CVE-2020-10772 2020-11-27 An incomplete fix for CVE-2020-12662 was shipped for Unbound in Red Hat Enterprise Linux 7, as part of erratum RHSA-2020:2414. Vulnerable versions of Unbound could still amplify an incoming query into…

曾用名

  • Network Amplification (2008-10-14)

內容提交

名稱
PLOVER
日期
2006-07-19
版本
Draft 3

內容修訂

日期 名稱 版本 重要性 評論
2008-07-01 Eric Dalci 1.0 updated Time_of_Introduction
2008-09-08 CWE Content Team 1.0 updated Relationships, Other_Notes, Taxonomy_Mappings
2008-10-14 CWE Content Team 1.0.1 updated Description, Enabling_Factors_for_Exploitation, Name, Other_Notes, Theoretical_Notes
2010-06-21 CWE Content Team 1.9 updated Other_Notes, Relationship_Notes
2011-03-29 CWE Content Team 1.12 updated Demonstrative_Examples
2011-06-01 CWE Content Team 1.13 updated Common_Consequences
2012-05-11 CWE Content Team 2.2 updated Common_Consequences, Relationships
2012-10-30 CWE Content Team 2.3 updated Potential_Mitigations
2014-02-18 CWE Content Team 2.6 updated Demonstrative_Examples, Observed_Examples, Relationships
2014-07-30 CWE Content Team 2.8 updated Relationships
2017-11-08 CWE Content Team 3.0 updated Applicable_Platforms, Enabling_Factors_for_Exploitation, Modes_of_Introduction
2019-06-20 CWE Content Team 3.3 updated Type
2020-02-24 CWE Content Team 4.0 updated Relationships
2022-04-28 CWE Content Team 4.7 updated Relationships
2023-01-31 CWE Content Team 4.10 updated Description
2023-04-27 CWE Content Team 4.11 updated Relationships
2023-06-29 CWE Content Team 4.12 updated Mapping_Notes
2025-04-03 CWE Content Team 4.17 updated Mapping_Notes
2025-12-11 CWE Content Team 4.19 updated Detection_Factors, Weakness_Ordinalities
cvelogic Threat Intelligence