7.5
CVE-2024-4076
- EPSS 0.11%
- Veröffentlicht 23.07.2024 15:15:05
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle security-officer@isc.org
- CVE-Watchlists
- Unerledigt
Assertion failure when serving both stale cache data and authoritative zone content
Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure. This issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.
Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
Herstellerisc
≫
Produkt
bind
Default Statusunknown
Version <=
9.16.50
Version
9.16.13
Status
affected
Version <=
9.18.27
Version
9.18.0
Status
affected
Version <=
9.19.24
Version
9.19.0
Status
affected
Version <=
9.11.37-s1
Version
9.11.33-s1
Status
affected
Version <=
9.16.50-s1
Version
9.16.13-s1
Status
affected
Version <=
9.18.27-s1
Version
9.18.11-s1
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.288 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security-officer@isc.org | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-617 Reachable Assertion
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.