7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
56.4%
DNS server BIND vulnerability is related to reachable assertion in DNS query processing. Exploitation
The vulnerability allows an attacker acting remotely to send repeated patterns of specific requests to servers with DNSSEC-Validated Cache (synth-from-rom) enabled.
queries to servers with the DNSSEC-Validated Cache (synth-from-dnssec) feature enabled and cause the
INSIST error in query.c:query_dname, causing named to terminate unexpectedly.
DNS server vulnerability BIND is related to flaws in HTTP request processing. Exploitation of the vulnerability
allows a remote attacker to affect data integrity
DNS server vulnerability BIND is related to the processing of a DS record request that needs to be
redirect, BIND waits until this processing is complete or until the wait time for the wait time timer
wait time expires, this timeout results in a call to resume_dslookup(), which
does not check if the fetch was previously completed. Exploitation of the vulnerability allows an attacker acting
remotely to cause the binding process to terminate.
The DNS BIND server vulnerability is related to improper resource termination or release,
which results in an incomplete cleanup. Exploitation of the vulnerability allows an attacker acting
remotely, to send specially crafted TCP streams with ‘keep-response-order’ enabled, which could
cause binding connections to remain in the CLOSE_WAIT state for an indefinite period,
even after the client has terminated the connection.
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
56.4%