Redhat provided Bind is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE.
CVEID:CVE-2020-8625
**DESCRIPTION:**ISC BIND is vulnerable to a buffer overflow, caused by improper bounds checking by the SPNEGO implementation. By setting valid values for the tkey-gssapi-keytab or tkey-gssapi-credentialconfiguration options, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the named process to crash.
CVSS Base score: 8.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/196959 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
Affected Product(s) | Version(s) |
---|---|
IBM Integrated Analytics System | 1.0.0-1.0.25.0 |
Product | VRMF | Remediation / First Fix |
---|---|---|
IBM Integrated Analytics System | 1.0.26.0 | Link To Fix Central |
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm integrated analytics system | eq | any |