Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.
From VID-5B72B1FF-877C-11EB-BD4F-2F1D57DAFE46:
Simon Kelley reports:
[In configurations where the forwarding server address contains an @
character for specifying a sending interface or source address, the]
random source port behavior was disabled, making cache poisoning
attacks possible.
This only affects configurations of the form server=1.1.1.1@em0 or
server=1.1.1.1@192.0.2.1, i. e. those that specify an interface to
send through, or an IP address to send from, or use together with
NetworkManager.
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center