Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-25215

Опубликовано: 29 апр. 2021
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. The vulnerability affects all currently maintained BIND 9 branches (9.11, 9.11-S, 9.16, 9.16-S, 9.17) as well as all other versions of BIND 9.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*
Версия от 9.0.0 (включая) до 9.11.31 (исключая)
cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*
Версия от 9.12.0 (включая) до 9.16.15 (исключая)
cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*
Версия от 9.17.0 (включая) до 9.17.12 (исключая)
cpe:2.3:a:isc:bind:9.9.3:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.9.12:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.9.13:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.10.5:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.10.7:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.3:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.5:s3:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.5:s5:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.5:s6:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.6:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.7:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.8:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.12:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.21:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.27:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.29:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.16.8:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.16.11:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.16.13:s1:*:*:supported_preview:*:*:*
Конфигурация 3

Одно из

cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
Конфигурация 4

Одно из

cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
Конфигурация 5

Одновременно

cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*
Конфигурация 6

Одновременно

cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*
Конфигурация 7

Одновременно

cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*
Конфигурация 8

Одновременно

cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*
Конфигурация 9

Одновременно

cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*
Конфигурация 10

Одновременно

cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*
Конфигурация 11

Одновременно

cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*
Конфигурация 12

Одновременно

cpe:2.3:o:netapp:a250_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a250:-:*:*:*:*:*:*:*
Конфигурация 13

Одновременно

cpe:2.3:o:netapp:500f_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:500f:-:*:*:*:*:*:*:*
Конфигурация 14
cpe:2.3:a:oracle:tekelec_platform_distribution:*:*:*:*:*:*:*:*
Версия от 7.4.0 (включая) до 7.7.1 (включая)
Конфигурация 15
cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*
Версия до 1.0.1.1 (исключая)

EPSS

Процентиль: 83%
0.0214
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-617

Связанные уязвимости

ubuntu логотип

CVE-2021-25215

CVSS3: 7.5
ubuntu
около 4 лет назад

In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. The vulnerability affects all currently maintained BIND 9 branches (9.11, 9.11-S, 9.16, 9.16-S, 9.17) as well as all other versions of BIND 9.

redhat логотип

CVE-2021-25215

CVSS3: 7.5
redhat
около 4 лет назад

In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. The vulnerability affects all currently maintained BIND 9 branches (9.11, 9.11-S, 9.16, 9.16-S, 9.17) as well as all other versions of BIND 9.

msrc логотип

CVE-2021-25215

CVSS3: 7.5
msrc
около 4 лет назад

Описание отсутствует

debian логотип

CVE-2021-25215

CVSS3: 7.5
debian
около 4 лет назад

In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S ...

rocky логотип

RLSA-2021:1989

rocky
почти 4 года назад

Important: bind security update

EPSS

Процентиль: 83%
0.0214
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-617