CVE-2019-6471

EPSS 1.64%
Published 09.10.2019 16:15:17
Last modified 21.11.2024 04:46:30
Source security-officer@isc.org
Teams watchlist Login
Open Login

A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1.

Affected products Warnungen 0 Metrics 4 CWE 2 References 5

Data is provided by the National Vulnerability Database (NVD)

F5 ≫ Big-ip Local Traffic Manager Version >= 11.5.2 <= 11.5.9

F5 ≫ Big-ip Local Traffic Manager Version >= 11.6.1 <= 11.6.4

F5 ≫ Big-ip Local Traffic Manager Version >= 12.1.0 <= 12.1.4

F5 ≫ Big-ip Local Traffic Manager Version >= 13.1.0 <= 13.1.1

F5 ≫ Big-ip Local Traffic Manager Version14.0.0

F5 ≫ Big-ip Local Traffic Manager Version14.1.0

F5 ≫ Big-ip Local Traffic Manager Version15.0.0

F5 ≫ Big-ip Application Acceleration Manager Version >= 11.5.2 <= 11.5.9

F5 ≫ Big-ip Application Acceleration Manager Version >= 11.6.1 <= 11.6.4

F5 ≫ Big-ip Application Acceleration Manager Version >= 12.1.0 <= 12.1.4

F5 ≫ Big-ip Application Acceleration Manager Version >= 13.1.0 <= 13.1.1

F5 ≫ Big-ip Application Acceleration Manager Version14.0.0

F5 ≫ Big-ip Application Acceleration Manager Version14.1.0

F5 ≫ Big-ip Application Acceleration Manager Version15.0.0

F5 ≫ Big-ip Advanced Firewall Manager Version >= 11.5.2 <= 11.5.9

F5 ≫ Big-ip Advanced Firewall Manager Version >= 11.6.1 <= 11.6.4

F5 ≫ Big-ip Advanced Firewall Manager Version >= 12.1.0 <= 12.1.4

F5 ≫ Big-ip Advanced Firewall Manager Version >= 13.1.0 <= 13.1.1

F5 ≫ Big-ip Advanced Firewall Manager Version14.0.0

F5 ≫ Big-ip Advanced Firewall Manager Version14.1.0

F5 ≫ Big-ip Advanced Firewall Manager Version15.0.0

F5 ≫ Big-ip Analytics Version >= 11.5.2 <= 11.5.9

F5 ≫ Big-ip Analytics Version >= 11.6.1 <= 11.6.4

F5 ≫ Big-ip Analytics Version >= 12.1.0 <= 12.1.4

F5 ≫ Big-ip Analytics Version >= 13.1.0 <= 13.1.1

F5 ≫ Big-ip Analytics Version14.0.0

F5 ≫ Big-ip Analytics Version14.1.0

F5 ≫ Big-ip Analytics Version15.0.0

F5 ≫ Big-ip Access Policy Manager Version >= 11.5.2 <= 11.5.9

F5 ≫ Big-ip Access Policy Manager Version >= 11.6.1 <= 11.6.4

F5 ≫ Big-ip Access Policy Manager Version >= 12.1.0 <= 12.1.4

F5 ≫ Big-ip Access Policy Manager Version >= 13.1.0 <= 13.1.1

F5 ≫ Big-ip Access Policy Manager Version14.0.0

F5 ≫ Big-ip Access Policy Manager Version14.1.0

F5 ≫ Big-ip Access Policy Manager Version15.0.0

F5 ≫ Big-ip Application Security Manager Version >= 11.5.2 <= 11.5.9

F5 ≫ Big-ip Application Security Manager Version >= 11.6.1 <= 11.6.4

F5 ≫ Big-ip Application Security Manager Version >= 12.1.0 <= 12.1.4

F5 ≫ Big-ip Application Security Manager Version >= 13.1.0 <= 13.1.1

F5 ≫ Big-ip Application Security Manager Version14.0.0

F5 ≫ Big-ip Application Security Manager Version14.1.0

F5 ≫ Big-ip Application Security Manager Version15.0.0

F5 ≫ Big-ip Edge Gateway Version >= 11.5.2 <= 11.5.9

F5 ≫ Big-ip Edge Gateway Version >= 11.6.1 <= 11.6.4

F5 ≫ Big-ip Edge Gateway Version >= 12.1.0 <= 12.1.4

F5 ≫ Big-ip Edge Gateway Version >= 13.1.0 <= 13.1.1

F5 ≫ Big-ip Edge Gateway Version14.0.0

F5 ≫ Big-ip Edge Gateway Version14.1.0

F5 ≫ Big-ip Edge Gateway Version15.0.0

F5 ≫ Big-ip Fraud Protection Service Version >= 11.5.2 <= 11.5.9

F5 ≫ Big-ip Fraud Protection Service Version >= 11.6.1 <= 11.6.4

F5 ≫ Big-ip Fraud Protection Service Version >= 12.1.0 <= 12.1.4

F5 ≫ Big-ip Fraud Protection Service Version >= 13.1.0 <= 13.1.1

F5 ≫ Big-ip Fraud Protection Service Version14.0.0

F5 ≫ Big-ip Fraud Protection Service Version14.1.0

F5 ≫ Big-ip Fraud Protection Service Version15.0.0

F5 ≫ Big-ip Global Traffic Manager Version >= 11.5.2 <= 11.5.9

F5 ≫ Big-ip Global Traffic Manager Version >= 11.6.1 <= 11.6.4

F5 ≫ Big-ip Global Traffic Manager Version >= 12.1.0 <= 12.1.4

F5 ≫ Big-ip Global Traffic Manager Version >= 13.1.0 <= 13.1.1

F5 ≫ Big-ip Global Traffic Manager Version9.2.2

F5 ≫ Big-ip Global Traffic Manager Version14.0.0

F5 ≫ Big-ip Global Traffic Manager Version14.1.0

F5 ≫ Big-ip Global Traffic Manager Version15.0.0

F5 ≫ Big-ip Link Controller Version >= 11.5.2 <= 11.5.9

F5 ≫ Big-ip Link Controller Version >= 11.6.1 <= 11.6.4

F5 ≫ Big-ip Link Controller Version >= 12.1.0 <= 12.1.4

F5 ≫ Big-ip Link Controller Version >= 13.1.0 <= 13.1.1

F5 ≫ Big-ip Link Controller Version9.2.2

F5 ≫ Big-ip Link Controller Version14.0.0

F5 ≫ Big-ip Link Controller Version14.1.0

F5 ≫ Big-ip Link Controller Version15.0.0

F5 ≫ Big-ip Webaccelerator Version >= 11.5.2 <= 11.5.9

F5 ≫ Big-ip Webaccelerator Version >= 11.6.1 <= 11.6.4

F5 ≫ Big-ip Webaccelerator Version >= 12.1.0 <= 12.1.4

F5 ≫ Big-ip Webaccelerator Version >= 13.1.0 <= 13.1.1

F5 ≫ Big-ip Webaccelerator Version9.2.2

F5 ≫ Big-ip Webaccelerator Version14.0.0

F5 ≫ Big-ip Webaccelerator Version14.1.0

F5 ≫ Big-ip Webaccelerator Version15.0.0

F5 ≫ Big-ip Policy Enforcement Manager Version >= 11.5.2 <= 11.5.9

F5 ≫ Big-ip Policy Enforcement Manager Version >= 11.6.1 <= 11.6.4

F5 ≫ Big-ip Policy Enforcement Manager Version >= 12.1.0 <= 12.1.4

F5 ≫ Big-ip Policy Enforcement Manager Version >= 13.1.0 <= 13.1.1

F5 ≫ Big-ip Policy Enforcement Manager Version9.2.2

F5 ≫ Big-ip Policy Enforcement Manager Version14.0.0

F5 ≫ Big-ip Policy Enforcement Manager Version14.1.0

F5 ≫ Big-ip Policy Enforcement Manager Version15.0.0

Isc ≫ Bind Version >= 9.11.0 <= 9.11.7

Isc ≫ Bind Version >= 9.12.0 <= 9.12.3

Isc ≫ Bind Version >= 9.13.0 <= 9.13.7

Isc ≫ Bind Version >= 9.14.0 <= 9.14.2

Isc ≫ Bind Version >= 9.15.0 <= 9.15.5

Isc ≫ Bind Version9.11.3 Updates1 SwEditionsupported_preview

Isc ≫ Bind Version9.11.7 Updates1 SwEditionsupported_preview

Isc ≫ Bind Version9.12.4 Update-

Isc ≫ Bind Version9.12.4 Updatep1

F5 ≫ Enterprise Manager Version3.1.1

F5 ≫ Big-iq Centralized Management Version >= 5.1.0 <= 5.4.0

F5 ≫ Big-iq Centralized Management Version >= 6.0.0 <= 6.1.0

F5 ≫ Iworkflow Version2.3.0

F5 ≫ Big-ip Domain Name System Version >= 11.5.2 <= 11.5.9

F5 ≫ Big-ip Domain Name System Version >= 11.6.1 <= 11.6.4

F5 ≫ Big-ip Domain Name System Version >= 12.1.0 <= 12.1.4

F5 ≫ Big-ip Domain Name System Version >= 13.1.0 <= 13.1.1

F5 ≫ Big-ip Domain Name System Version9.2.2

F5 ≫ Big-ip Domain Name System Version14.0.0

F5 ≫ Big-ip Domain Name System Version14.1.0

F5 ≫ Big-ip Domain Name System Version15.0.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.64%	0.802

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.9	2.2	3.6	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:N/A:P
security-officer@isc.org	5.9	2.2	3.6	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

CWE-617 Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

https://kb.isc.org/docs/cve-2019-6471

Third Party Advisory

https://support.f5.com/csp/article/K10092301?utm_source=f5support&amp%3Butm_medium=RSS

https://nvd.nist.gov/vuln/detail/CVE-2019-6471

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-6471

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-6471

EUVD