CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
49.4%
IBM Spectrum Conductor with ISC BIND is vulnerable to a denial of service
CVEID:CVE-2023-2911
**DESCRIPTION:**ISC BIND is vulnerable to a denial of service, caused by an error when exceeding the recursive-clients quota. By sending specific queries to the resolver, a remote attacker could exploit this vulnerability to cause named to terminate.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/258609 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Affected Product(s) | Version(s) |
---|---|
IBM Spectrum Conductor | 2.5.0 |
IBM Spectrum Conductor | 2.5.1 |
IBM strongly suggests the following remediation or fix:
Upgrade to the latest versions of IBM Spectrum Conductor 2.5.1 FP2 (IBM Spectrum Conductor 2.5.1 with Fix 601712).
None
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
49.4%