8.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
0.004 Low
EPSS
Percentile
72.3%
BIND DNS server vulnerability is related to boundary conditions when reusing HTTP connection
when requesting statistics from a statistics channel. Exploitation of the vulnerability could allow an attacker,
acting remotely, using a managed DNS server to cause a read error outside the boundary conditions and
read the contents of memory on the system or perform a denial of service attack
The BIND DNS server vulnerability is related to improper management of internal resources within the application
when processing large delegations. Exploitation of the vulnerability could allow an attacker acting
remotely flood the target server with requests and perform a denial of service (DoS) attack.
BIND DNS server vulnerability is related to a memory leak during key processing when using TKEY records
in Diffie-Hellman mode with OpenSSL 3.0.0 and later. Exploitation of the vulnerability could allow
an attacker acting remotely to force an application to free memory and perform a denial-of-service attack.
denial of service
A vulnerability in the BIND DNS server is related to an error in responses from a legacy cache with zero wait time
stale-answer-client-timeout. Exploitation of the vulnerability could allow an attacker acting remotely to
send a specially crafted query to a DNS resolver and perform a denial of service (DoS) attack
(DoS)
A vulnerability in the BIND DNS server is related to a memory leak in the DNSSEC validation code for the ECDSA algorithm.
Exploitation of the vulnerability could allow an attacker acting remotely to spoof a targeted query with
using responses with a corrupted ECDSA signature and perform a denial-of-service attack
BIND DNS server vulnerability is related to a memory leak in the DNSSEC validation code for the EdDSA algorithm.
Exploitation of the vulnerability could allow an attacker acting remotely to spoof a targeted query with
using responses with a corrupted EdDSA signature and execute a denial of service attack
8.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
0.004 Low
EPSS
Percentile
72.3%