CVE-2020-8621

{"id": "CVE-2020-8621", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "security-officer@isc.org", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2020-08-21T21:15:12.167", "references": [{"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "security-officer@isc.org"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "security-officer@isc.org"}, {"url": "https://kb.isc.org/docs/cve-2020-8621", "tags": ["Vendor Advisory"], "source": "security-officer@isc.org"}, {"url": "https://security.gentoo.org/glsa/202008-19", "tags": ["Third Party Advisory"], "source": "security-officer@isc.org"}, {"url": "https://security.netapp.com/advisory/ntap-20200827-0003/", "tags": ["Third Party Advisory"], "source": "security-officer@isc.org"}, {"url": "https://usn.ubuntu.com/4468-1/", "tags": ["Third Party Advisory"], "source": "security-officer@isc.org"}, {"url": "https://www.synology.com/security/advisory/Synology_SA_20_19", "tags": ["Third Party Advisory"], "source": "security-officer@isc.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-617"}]}], "descriptions": [{"lang": "en", "value": "In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that 'forward only' are not affected."}, {"lang": "es", "value": "En BIND versiones 9.14.0 -) 9.16.5, 9.17.0 -) 9.17.3, si un servidor est\u00e1 configurado con minimizaci\u00f3n de QNAME y \"forward first\", entonces un atacante que pueda enviarle consultas puede ser capaz de desencadenar la condici\u00f3n que causar\u00e1 que el servidor se bloquee. Los servidores con \"forward only\" no est\u00e1n afectados."}], "lastModified": "2022-04-28T18:27:41.020", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5C115A2-721C-4A50-96E3-E31833829E37", "versionEndIncluding": "9.16.5", "versionStartIncluding": "9.14.0"}, {"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85031A21-4F54-4CE6-B0F3-66D09928FF3C", "versionEndIncluding": "9.17.3", "versionStartIncluding": "9.17.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493"}, {"criteria": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B009C22E-30A4-4288-BCF6-C3E81DEAF45A"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "vulnerable": true, "matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:synology:dns_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54997147-2421-4DE2-9B7C-844D0DC89D20", "versionEndExcluding": "2.2.2-5027"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D"}], "operator": "OR"}]}], "sourceIdentifier": "security-officer@isc.org"}