7.5
CVE-2024-4076
- EPSS 0.11%
- Veröffentlicht 23.07.2024 15:15:05
- Zuletzt bearbeitet 21.11.2024 09:42:08
- Quelle security-officer@isc.org
- CVE-Watchlists
- Unerledigt
Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure. This issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
Herstellerisc
≫
Produkt
bind
Default Statusunknown
Version <=
9.16.50
Version
9.16.13
Status
affected
Version <=
9.18.27
Version
9.18.0
Status
affected
Version <=
9.19.24
Version
9.19.0
Status
affected
Version <=
9.11.37-s1
Version
9.11.33-s1
Status
affected
Version <=
9.16.50-s1
Version
9.16.13-s1
Status
affected
Version <=
9.18.27-s1
Version
9.18.11-s1
Status
affected
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.298 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security-officer@isc.org | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-617 Reachable Assertion
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.