CWE-406
Insufficient Control of Network Message Volume (Network Amplification)
Description
The product does not sufficiently monitor or control transmitted network traffic volume, so that an actor can cause the product to transmit more traffic than should be allowed for that actor.
Hierarchy (View 1000)
Parents
Children
none
CVEs mapped to this weakness (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-45557 | Med | 0.38 | 5.8 | 0.00 | May 19, 2026 | Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network traffic. Fixed in 15.0. | ||
| CVE-2025-58066 | Med | 0.27 | 5.3 | 0.00 | Aug 29, 2025 | nptd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. In versions between 1.2.0 and 1.6.1 inclusive servers which allow non-NTS traffic are affected by a denial of service vulnerability, where an attacker can induce a message storm… | ||
| CVE-2020-2100 | 0.00 | — | 0.03 | Jan 29, 2020 | Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848. |
- risk 0.38cvss 5.8epss 0.00
Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network traffic. Fixed in 15.0.
- risk 0.27cvss 5.3epss 0.00
nptd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. In versions between 1.2.0 and 1.6.1 inclusive servers which allow non-NTS traffic are affected by a denial of service vulnerability, where an attacker can induce a message storm…
- CVE-2020-2100Jan 29, 2020risk 0.00cvss —epss 0.03
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848.