1. Home
  2. Vulnerabilities
  3. CVE-2020-8623

CVE-2020-8623

CVSS v3.1 7.5 (High)
75% Progress
CVSS v2.0 4.3 (Medium)
43% Progress
EPSS 2.44 % (90th)
2.44% Progress
Affected Products 7
Advisories 16
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with "--enable-native-pkcs11" * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker

Weaknesses
CWE-617
Reachable Assertion
CVE Status
PUBLISHED
CNA
Internet Systems Consortium (ISC)
Published Date
2020-08-21 21:15:12
(4 years ago)
Updated Date
2023-11-07 03:26:38
(10 months ago)

Affected Products

Canonical

Debian

Fedoraproject

Isc

Netapp

Opensuse

Synology

Configuration #1

    CPE23 From Up To
  Isc Bind from 9.10.0 version and 9.11.21 and prior versions cpe:2.3:a:isc:bind >= 9.10.0 <= 9.11.21
  Isc Bind from 9.12.1 version and 9.16.5 and prior versions cpe:2.3:a:isc:bind >= 9.12.1 <= 9.16.5
  Isc Bind from 9.17.0 version and 9.17.3 and prior versions cpe:2.3:a:isc:bind >= 9.17.0 <= 9.17.3

Configuration #2

    CPE23 From Up To
  Isc Bind 9.10.5 S1 cpe:2.3:a:isc:bind:9.10.5:s1:*:*:supported_preview
  Isc Bind 9.11.21 S1 cpe:2.3:a:isc:bind:9.11.21:s1:*:*:supported_preview

Configuration #3

    CPE23 From Up To
  Fedoraproject Fedora 31 cpe:2.3:o:fedoraproject:fedora:31
  Fedoraproject Fedora 32 cpe:2.3:o:fedoraproject:fedora:32

Configuration #4

    CPE23 From Up To
  Opensuse Leap 15.1 cpe:2.3:o:opensuse:leap:15.1
  Opensuse Leap 15.2 cpe:2.3:o:opensuse:leap:15.2

Configuration #5

    CPE23 From Up To
  Debian Linux 9.0 cpe:2.3:o:debian:debian_linux:9.0
  Debian Linux 10.0 cpe:2.3:o:debian:debian_linux:10.0

Configuration #6

    CPE23 From Up To
  Canonical Ubuntu Linux 16.04 cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm
  Canonical Ubuntu Linux 18.04 cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts
  Canonical Ubuntu Linux 20.04 cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts

Configuration #7

    CPE23 From Up To
  Synology Dns Server prior 2.2.2-5027 version cpe:2.3:a:synology:dns_server < 2.2.2-5027

Configuration #8

    CPE23 From Up To
  Netapp Steelstore Cloud Integrated Storage cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-