DerScanner
Home / Vulnerability Database / Swift : Unencrypted DNS
Swift

Swift : Unencrypted DNS

Classification

OWASP Top 10 2021
A4-Insecure Design
CWE
CWE-656CWE-657

Overview

DNS queries and responses are sent over the network as plain text in unencrypted form, which makes them vulnerable to forging a response. Using DNS without encryption also facilitates reconnaissance for subsequent attacks on the infrastructure and reduces user privacy.

References

  1. Apple Developer Documentation: dnsProtocol
  2. WWDC20: Enable encrypted DNS
  3. DNS Queries over HTTPS (DoH)
  4. Specification for DNS over Transport Layer Security (TLS)
  5. SAC109:The Implications of DNS over HTTPS and DNS over TLS
  6. CWE-657: Violation of Secure Design Principles
MEDIUM

DerScanner Severity Score

Do you want to fix Swift : Unencrypted DNS in your application?

See also

Swift

Swift : Nill password

Swift

Swift : Hardcoded salt

Swift

Swift : Undocumented feature: special account