7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.3 High
AI Score
Confidence
High
0.05 Low
EPSS
Percentile
92.9%
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.
Security Fix(es):
bind9.16: Preparing an NSEC3 closest encloser proof can exhaust CPU resources (CVE-2023-50868)
bind9.16: KeyTrap - Extreme CPU consumption in DNSSEC validator (CVE-2023-50387)
bind9.16: Specific recursive query patterns may lead to an out-of-memory condition (CVE-2023-6516)
bind9.16: Enabling both DNS64 and serve-stale may cause an assertion failure during recursive resolution (CVE-2023-5679)
bind9.16: Querying RFC 1918 reverse zones may cause an assertion failure when “nxdomain-redirect” is enabled (CVE-2023-5517)
bind9.16: bind9: Parsing large DNS messages may cause excessive CPU load (CVE-2023-4408)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.3 High
AI Score
Confidence
High
0.05 Low
EPSS
Percentile
92.9%