{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-28T04:52:41.395","vulnerabilities":[{"cve":{"id":"CVE-2019-3979","sourceIdentifier":"vulnreport@tenable.com","published":"2019-10-29T19:15:20.610","lastModified":"2024-11-21T04:42:59.750","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below are vulnerable to a DNS unrelated data attack. The router adds all A records to its DNS cache even when the records are unrelated to the domain that was queried. Therefore, a remote attacker controlled DNS server can poison the router's DNS cache via malicious responses with additional and untrue records."},{"lang":"es","value":"RouterOS versión 6.45.6 Stable, RouterOS versión 6.44.5 Long-Term y anteriores, son vulnerables a un ataque de datos no relacionado con DNS. El router agrega todos los registros A a su memoria caché DNS incluso cuando los registros no están relacionados con el dominio que se consultó. Por lo tanto, un servidor DNS controlado por un atacante remoto puede envenenar la memoria caché DNS del router mediante respuestas maliciosas con registros adicionales y falsos."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-345"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mikrotik:routeros:*:*:*:*:ltr:*:*:*","versionEndIncluding":"6.44.5","matchCriteriaId":"E96DA8A8-65E0-4D1C-A15B-8A4F7A0644A1"},{"vulnerable":true,"criteria":"cpe:2.3:o:mikrotik:routeros:*:*:*:*:-:*:*:*","versionEndIncluding":"6.45.6","matchCriteriaId":"AA750EF2-6247-46CF-B800-C0417F6D35A5"}]}]}],"references":[{"url":"https://www.tenable.com/security/research/tra-2019-46","source":"vulnreport@tenable.com","tags":["Third Party Advisory"]},{"url":"https://www.tenable.com/security/research/tra-2019-46","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}