CVE-2020-8624

EPSS 1.95%
Published 21.08.2020 21:15:12
Last modified 21.11.2024 05:39:08
Source security-officer@isc.org
Teams watchlist Login
Open Login

In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of the zone's content could abuse these unintended additional privileges to update other contents of the zone.

Affected products Warnungen 0 Metrics 4 CWE 1 References 13

Data is provided by the National Vulnerability Database (NVD)

Isc ≫ Bind Version >= 9.9.12 <= 9.9.13

Isc ≫ Bind Version >= 9.10.7 <= 9.10.8

Isc ≫ Bind Version >= 9.11.3 <= 9.11.21

Isc ≫ Bind Version >= 9.12.1 <= 9.16.5

Isc ≫ Bind Version >= 9.17.0 <= 9.17.3

Isc ≫ Bind Version9.9.12 Updates1 SwEditionsupported_preview

Isc ≫ Bind Version9.9.13 Updates1 SwEditionsupported_preview

Isc ≫ Bind Version9.11.3 Updates1 SwEditionsupported_preview

Isc ≫ Bind Version9.11.21 Updates1 SwEditionsupported_preview

Netapp ≫ Steelstore Cloud Integrated Storage Version-

Canonical ≫ Ubuntu Linux Version16.04 SwEditionesm

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Debian ≫ Debian Linux Version10.0

Fedoraproject ≫ Fedora Version31

Fedoraproject ≫ Fedora Version32

Opensuse ≫ Leap Version15.1

Opensuse ≫ Leap Version15.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.95%	0.829

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
nvd@nist.gov	4	8	2.9	AV:N/AC:L/Au:S/C:N/I:P/A:N
security-officer@isc.org	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N