IscCVELIST:CVE-2023-5680CVE-2023-5680 Cleaning an ECS-enabled cache may cause excessive CPU load
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
0.0005 Low
EPSS
Percentile
16.7%
If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance.
This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.
CNA Affected
[
{
"vendor": "ISC",
"product": "BIND 9",
"versions": [
{
"version": "9.11.3-S1",
"lessThanOrEqual": "9.11.37-S1",
"status": "affected",
"versionType": "custom"
},
{
"version": "9.16.8-S1",
"lessThanOrEqual": "9.16.45-S1",
"status": "affected",
"versionType": "custom"
},
{
"version": "9.18.11-S1",
"lessThanOrEqual": "9.18.21-S1",
"status": "affected",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
]Related
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
0.0005 Low
EPSS
Percentile
16.7%