7.5
CVE-2016-9147
- EPSS 24.6%
- Veröffentlicht 12.01.2017 06:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a response containing an inconsistency among the DNSSEC-related RRsets.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 24.6% | 0.976 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
https://security.netapp.com/advisory/ntap-20180926-0005/
https://access.redhat.com/errata/RHSA-2017:1583
http://rhn.redhat.com/errata/RHSA-2017-0062.html
http://www.debian.org/security/2017/dsa-3758
http://www.securitytracker.com/id/1037582
https://security.gentoo.org/glsa/201708-01
http://rhn.redhat.com/errata/RHSA-2017-0063.html
http://rhn.redhat.com/errata/RHSA-2017-0064.html
http://www.securityfocus.com/bid/95390
https://access.redhat.com/errata/RHSA-2017:1582
https://kb.isc.org/article/AA-01440/74/CVE-2016-9147