Row breaks out over true severity of two DNSSEC flaws
March 26, 2024 at 04:29AM Two DNSSEC vulnerabilities, KeyTrap (CVE-2023-50387) and NSEC3-encloser (CVE-2023-50868), were disclosed with similar descriptions and a severity score of 7.5 out of 10. However, a study by the ATHENE team finds NSEC3-encloser is less severe than KeyTrap, contrary to MITRE’s assessment. This has led to concerns about the accuracy and quality … Read more