Lucene search
HistoryFeb 15, 2024 - 5:15 a.m.
CVE-2024-1488
cve
2024
1488
unbound
vulnerability
configuration
modification
nvd
localhost
port 8953
permissions
8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
7.2 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
12.8%
A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether.
CNA Affected
[
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "unbound",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.16.2-5.el8_9.6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "unbound",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.7.3-12.el8_2.1",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_tus:8.2::appstream",
"cpe:/a:redhat:rhel_aus:8.2::appstream",
"cpe:/a:redhat:rhel_e4s:8.2::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "unbound",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.7.3-12.el8_2.1",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_tus:8.2::appstream",
"cpe:/a:redhat:rhel_aus:8.2::appstream",
"cpe:/a:redhat:rhel_e4s:8.2::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "unbound",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.7.3-12.el8_2.1",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_tus:8.2::appstream",
"cpe:/a:redhat:rhel_aus:8.2::appstream",
"cpe:/a:redhat:rhel_e4s:8.2::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "unbound",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.7.3-15.el8_4.1",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.4::appstream",
"cpe:/a:redhat:rhel_tus:8.4::appstream",
"cpe:/a:redhat:rhel_aus:8.4::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "unbound",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.7.3-15.el8_4.1",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.4::appstream",
"cpe:/a:redhat:rhel_tus:8.4::appstream",
"cpe:/a:redhat:rhel_aus:8.4::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "unbound",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.7.3-15.el8_4.1",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.4::appstream",
"cpe:/a:redhat:rhel_tus:8.4::appstream",
"cpe:/a:redhat:rhel_aus:8.4::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "unbound",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.7.3-17.el8_6.4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_eus:8.6::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "unbound",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.16.2-5.el8_8.4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_eus:8.8::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "unbound",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.16.2-3.el9_3.5",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::crb",
"cpe:/a:redhat:enterprise_linux:9::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "unbound",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.13.1-13.el9_0.4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_eus:9.0::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "unbound",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.16.2-3.el9_2.4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_eus:9.2::crb",
"cpe:/a:redhat:rhel_eus:9.2::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 6",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "unbound",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "unbound",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
]
}
]References
access.redhat.com/errata/RHSA-2024:1750
access.redhat.com/errata/RHSA-2024:1751
access.redhat.com/errata/RHSA-2024:1780
access.redhat.com/errata/RHSA-2024:1801
access.redhat.com/errata/RHSA-2024:1802
access.redhat.com/errata/RHSA-2024:1804
access.redhat.com/errata/RHSA-2024:2587
access.redhat.com/errata/RHSA-2024:2696
access.redhat.com/security/cve/CVE-2024-1488
bugzilla.redhat.com/show_bug.cgi?id=2264183
Related
prion
prion
Design/Logic Flaw
2024-02-15 05:15:00
nessus
nessus
AlmaLinux 9 : unbound (ALSA-2024:1750)
2024-04-12 00:00:00
RHEL 8 : unbound (RHSA-2024:1751)
2024-04-11 00:00:00
Oracle Linux 8 : unbound (ELSA-2024-1751)
2024-04-12 00:00:00
osv
osv
Important: unbound security update
2024-05-06 13:04:21
Important: unbound security update
2024-05-10 14:32:38
Important: unbound security update
2024-04-11 00:00:00
ubuntucve
ubuntucve
CVE-2024-1488
2024-02-15 00:00:00
cvelist
cvelist
redhat
redhat
(RHSA-2024:1750) Important: unbound security update
2024-04-10 09:44:43
(RHSA-2024:1802) Important: unbound security update
2024-04-15 00:59:20
(RHSA-2024:1780) Important: unbound security and bug fix update
2024-04-11 10:24:56
almalinux
almalinux
Important: unbound security update
2024-04-10 00:00:00
Important: unbound security update
2024-04-11 00:00:00
redhatcve
redhatcve
CVE-2024-1488
2024-02-14 13:06:01
rocky
rocky
unbound security update
2024-05-06 13:04:21
unbound security update
2024-05-10 14:32:38
nvd
nvd
CVE-2024-1488
2024-02-15 05:15:10
openvas
openvas
Unbound DNS Resolver < 1.19.1-2.fc40 Access Control Vulnerability
2024-03-08 00:00:00
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2024-1580)
2024-05-10 00:00:00
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2024-1721)
2024-05-30 00:00:00
debiancve
debiancve
CVE-2024-1488
2024-02-15 05:15:10
oraclelinux
oraclelinux
unbound security update
2024-04-11 00:00:00
unbound security update
2024-04-10 00:00:00
ibm
ibm
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
2024-05-09 12:31:16
8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
7.2 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
12.8%
Related for CVE-2024-1488