Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-8620

Опубликовано: 21 авг. 2020
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
Версия от 9.15.6 (включая) до 9.16.5 (включая)
cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
Версия от 9.17.0 (включая) до 9.17.3 (включая)
Конфигурация 2

Одно из

cpe:2.3:a:isc:bind:9.9.12:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.9.13:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.3:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.21:s1:*:*:supported_preview:*:*:*
Конфигурация 3

Одно из

cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
Конфигурация 4
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
Конфигурация 5

Одно из

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

EPSS

Процентиль: 91%
0.07292
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-617

Связанные уязвимости

ubuntu логотип

CVE-2020-8620

CVSS3: 7.5
ubuntu
больше 5 лет назад

In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit.

redhat логотип

CVE-2020-8620

CVSS3: 7.5
redhat
больше 5 лет назад

In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit.

msrc логотип

CVE-2020-8620

CVSS3: 7.5
msrc
больше 5 лет назад

In BIND 9.15.6 -> 9.16.5 9.17.0 -> 9.17.3 An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure causing the server to exit.

debian логотип

CVE-2020-8620

CVSS3: 7.5
debian
больше 5 лет назад

In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establ ...

github логотип

GHSA-p5fp-cw6q-m6xc

CVSS3: 7.5
github
больше 3 лет назад

In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit.

EPSS

Процентиль: 91%
0.07292
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-617