Lucene search

K

PRIOn knowledge basePRION:CVE-2020-8624

HistoryAug 21, 2020 - 9:15 p.m.

Code injection

2020-08-2121:15:00

PRIOn knowledge base

www.prio-n.com

27

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

5.5 Medium

AI Score

Confidence

High

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

68.6%

In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of the zone’s content could abuse these unintended additional privileges to update other contents of the zone.

CPENameOperatorVersion
ubuntu_linuxeq18.04
ubuntu_linuxeq20.04
ubuntu_linuxeq16.04
debian_linuxeq10.0
fedoraeq31
fedoraeq32
bindge9.10.7
bindle9.10.8
bindge9.17.0
bindle9.17.3

Rows per page:

1-10 of 221

References

lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html

lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html

kb.isc.org/docs/cve-2020-8624

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQN62GBMCIC5AY4KYADGXNKVY6AJKSJE/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKAMJZXR66P6S5LEU4SN7USSNCWTXEXP/

security.gentoo.org/glsa/202008-19

security.netapp.com/advisory/ntap-20200827-0003/

usn.ubuntu.com/4468-1/

www.debian.org/security/2020/dsa-4752

www.synology.com/security/advisory/Synology_SA_20_19

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

5.5 Medium

AI Score

Confidence

High

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

68.6%

Related for PRION:CVE-2020-8624

osv2 openvas22 cbl_mariner1 debiancve1 nessus36 f51 ubuntucve1 cve1 alpinelinux1 redhatcve1 veracode1 ibm5 photon5 mageia1 oraclelinux3 altlinux3 amazon1 fedora6 redhat7 slackware1 centos1 debian2 cisa1 gentoo1 ubuntu1 suse2