IscCVELIST:CVE-2019-6476CVE-2019-6476 An error in QNAME minimization code can cause BIND to exit with an assertion failure
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
65.7%
A defect in code added to support QNAME minimization can cause named to exit with an assertion failure if a forwarder returns a referral rather than resolving the query. This affects BIND versions 9.14.0 up to 9.14.6, and 9.15.0 up to 9.15.4.
CNA Affected
[
{
"product": "BIND 9",
"vendor": "ISC",
"versions": [
{
"status": "affected",
"version": "9.14.0 up to 9.14.6"
},
{
"status": "affected",
"version": "9.15.0 up to 9.15.4"
}
]
}
]Related
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
65.7%