7.5
CVE-2024-4076
- EPSS 0.11%
- Published 23.07.2024 15:15:05
- Last modified 21.11.2024 09:42:08
- Source security-officer@isc.org
- Teams watchlist Login
- Open Login
Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure. This issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
Vendorisc
≫
Product
bind
Default Statusunknown
Version <=
9.16.50
Version
9.16.13
Status
affected
Version <=
9.18.27
Version
9.18.0
Status
affected
Version <=
9.19.24
Version
9.19.0
Status
affected
Version <=
9.11.37-s1
Version
9.11.33-s1
Status
affected
Version <=
9.16.50-s1
Version
9.16.13-s1
Status
affected
Version <=
9.18.27-s1
Version
9.18.11-s1
Status
affected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.299 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| security-officer@isc.org | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-617 Reachable Assertion
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.