{"containers": {"cna": {"affected": [{"product": "BIND 9", "vendor": "ISC", "versions": [{"status": "affected", "version": "BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1."}]}], "credits": [{"lang": "en", "value": "ISC would like to thank CERN for helping us to discover this issue."}], "datePublic": "2019-06-19T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1."}], "metrics": [{"cvssV3_0": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "An attacker who can cause a resolver to perform queries which will be answered by a server which responds with deliberately malformed answers can cause named to exit, denying service to clients.", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-10-09T19:07:11.000Z", "orgId": "404fd4d2-a609-4245-b543-2c944a302a22", "shortName": "isc"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://kb.isc.org/docs/cve-2019-6471"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.f5.com/csp/article/K10092301?utm_source=f5support&amp%3Butm_medium=RSS"}], "solutions": [{"lang": "en", "value": "Upgrade to the patched release most closely related to your current version of BIND:\n\n BIND 9.11.8\n BIND 9.12.4-P2\n BIND 9.14.3\n BIND 9.15.1\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9.11.8-S1"}], "source": {"discovery": "USER"}, "title": "A race condition when discarding malformed packets can cause BIND to exit with an assertion failure", "x_generator": {"engine": "Vulnogram 0.0.7"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-officer@isc.org", "DATE_PUBLIC": "2019-06-19T23:00:00.000Z", "ID": "CVE-2019-6471", "STATE": "PUBLIC", "TITLE": "A race condition when discarding malformed packets can cause BIND to exit with an assertion failure"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "BIND 9", "version": {"version_data": [{"version_name": "BIND 9", "version_value": "BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1."}]}}]}, "vendor_name": "ISC"}]}}, "credit": [{"lang": "eng", "value": "ISC would like to thank CERN for helping us to discover this issue."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1."}]}, "generator": {"engine": "Vulnogram 0.0.7"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An attacker who can cause a resolver to perform queries which will be answered by a server which responds with deliberately malformed answers can cause named to exit, denying service to clients."}]}]}, "references": {"reference_data": [{"name": "https://kb.isc.org/docs/cve-2019-6471", "refsource": "CONFIRM", "url": "https://kb.isc.org/docs/cve-2019-6471"}, {"name": "https://support.f5.com/csp/article/K10092301?utm_source=f5support&utm_medium=RSS", "refsource": "CONFIRM", "url": "https://support.f5.com/csp/article/K10092301?utm_source=f5support&utm_medium=RSS"}]}, "solution": [{"lang": "en", "value": "Upgrade to the patched release most closely related to your current version of BIND:\n\n BIND 9.11.8\n BIND 9.12.4-P2\n BIND 9.14.3\n BIND 9.15.1\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9.11.8-S1"}], "source": {"discovery": "USER"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T20:23:21.440Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kb.isc.org/docs/cve-2019-6471"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.f5.com/csp/article/K10092301?utm_source=f5support&amp%3Butm_medium=RSS"}]}]}, "cveMetadata": {"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22", "assignerShortName": "isc", "cveId": "CVE-2019-6471", "datePublished": "2019-10-09T14:17:14.566Z", "dateReserved": "2019-01-16T00:00:00.000Z", "dateUpdated": "2024-09-17T01:56:17.224Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "334FDC15-9CCC-4A88-86E5-E8CBC8A18629", "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "2A4E33A8-E3C9-452D-95A2-0C3A959ECBA4", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "C23EFF81-0FF4-4B4A-BAC3-85EC62230099", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "24AB3C9F-77E5-4D87-A9C1-366B087E7F68", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "8E734E1C-A92F-4394-8F33-4429161BE47C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "A724B2F3-E3FA-456F-9581-0213358B654C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "6FB6D7D8-2688-48A2-8E3E-341881EF0B4C", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "ADCC726B-F8E9-4F9C-B9FD-5C6F3CBD6C59", "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "263BD719-575D-4CC0-A61A-D6A81C8B8104", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "66FCB095-3E70-472A-AB9D-60F001F3A539", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "FA39C4F5-4D97-4B0B-8DA9-780F7ACF0A74", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "292EC144-CBA2-4275-9F70-4ED65A505B39", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "22FF4312-2711-4526-B604-796E637139E9", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B8C7C45A-CC14-4092-903C-3001986D2859", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "355C962E-E284-4AF0-AD70-61C23CA229E6", "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "8E7F909C-0F37-4FFB-96B9-5443B1BD0FC9", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "5E4EA2A9-C197-40D4-A6AE-A64D69536F99", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "5A3215E6-7223-4AF1-BFD3-BD8AE9B6B572", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "D1FDA72E-991D-4451-9C8E-E738F4D12728", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B4BFA5B4-AFC0-4E4C-A4E7-ED7BFDC3411F", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "6FF1C75A-F753-40CB-9E26-DA6D31931DDC", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "EDFDB8AF-4315-4B44-AFA8-78D58AFD1DDC", "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "160670D4-FBF4-40F0-A531-F47A5D425BAD", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "CAECED76-81A2-4A0C-8C2E-24C235BB32DE", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "BDC38EF1-6210-40A1-88FC-964C470E41BA", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "622C877B-760A-4C50-9FDF-998C010B864E", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "D3F5F2BF-708F-40F6-9BD0-4779DE9A1785", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:15.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "EACA0835-51AD-4AC0-8C87-5564F3A821CD", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "03102DB5-6581-4B93-84E0-9A3DE06C5397", "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "14D67BF0-A2B1-4B5B-AAB7-80B09E2EFC36", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "2D7877E8-E50F-4DC6-867D-C19A8DB533E3", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "899BE6FE-B23F-4236-8A5E-B41AFF28E533", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "44E8F4B6-ACF1-4F2C-A2A4-DF7382CCE628", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "25DAD24A-2D43-498E-BC43-183B669EA1FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "C046FBE7-DCCD-40FE-AC1F-4DAD11D2E0AC", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "29E9362B-E23D-469B-AA78-6324B1CDDB82", "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "C803A33D-27EA-4D9F-B198-3046AAD5E97C", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "1A5E9908-C959-48FD-8FAC-C0FE329E6FD8", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "442A56A6-935D-427A-8562-144DD770E317", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "80509490-50DA-42F8-8A4A-A6F6B95649BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "907FEE11-DF3B-4BE7-9BAE-5F6BE20E469D", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:15.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "2C2A9F32-FF72-44AA-AA1A-5B09E8E57E24", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "053301F7-9F92-4869-854F-615AD3A156A8", "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "BD13BE5B-8243-4A0D-9862-0435E9C883C8", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "88B12CA1-E853-4898-8A06-F991BE19A27A", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "4C98DCCF-2D89-4C05-A0AE-60CF8228B860", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "BB76D898-4C7C-40E9-8539-E2A1BC7A5A66", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "D185434C-67FE-4CD6-A139-BA2FCC9F8878", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:15.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "CA4F1CFB-0FD9-4AEB-BF25-093115F9D891", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "43D44A10-E6B2-466C-AFCA-ABA73D5207E3", "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "D59A6A14-EE0A-439B-8202-D11BD8DCAC60", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "DE11CCA1-58BF-462E-A0DE-49F3BC1C5499", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "639FCD86-C487-40DD-9840-8931FAF5DF3A", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "86D68F26-EF89-4016-BD3A-637951752AAA", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "1013320D-D0EE-461E-AF90-049F82AC910E", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "12F0D363-0DE8-4E32-9187-D7ACA0868BD8", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "17D9E4EE-3D52-48BD-B003-D814E14F9C2B", "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "FC23DA6F-9286-45D8-81A1-CA6FB6EC4D77", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "9A751827-1169-408E-BCE6-A129BDDB489D", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "428C4BEA-AFDA-45EC-9D5F-DDF409461C33", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:9.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "A885EC50-94FA-4367-A9B2-79C8678DEE45", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "ADAD6E9A-F8B5-4B2D-B687-AEAB518B8F19", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "1BF46DCE-2603-4E61-87B8-352FF4111567", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "C3879431-2E02-4B6C-BB4F-C2FF631A0974", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "3B3E05E8-B2CF-44D6-B15C-C02A6DA49276", "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "3EDDC264-DE67-46A3-8F1A-9B1F965712E6", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "75D817B1-EC06-4180-B272-067299818B09", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E3A4646-9AAA-445E-A08F-226D41485DC2", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:9.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "5D9ED500-5797-4692-B68B-84791F7BDC06", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "23E592A7-B530-4932-A81D-D1B9ABD64047", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "71666E6B-8615-4D7B-9A7B-2F6D048FE086", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:15.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A99DC2F-BFC7-4FEA-87DF-5E9DF428F2D3", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "2F041B77-BAA4-41C9-A02F-283B5A508ABC", "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "D37EF199-1CA5-4201-8F58-856C70B536F7", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "F367EED9-1F71-4720-BE53-3074FF6049C9", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "20BF15AA-1183-489E-A24A-FFB5BFD84664", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "262AA78E-38BE-4210-A0E1-7940F023AC7F", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "A5A85C15-B821-4992-9B06-45767E7467D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "DE8EBE1A-2E66-4E40-8A11-8B6D21914E5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:15.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "45D0AF1B-9106-4C38-B1A2-87FC189ADBAB", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "0224CE5D-B406-4733-912B-8FC1FD19DF54", "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "609EB179-115D-4146-AAF1-D8C4E0530D8F", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E72B035F-97C1-41C6-B424-F3929B9D7A99", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E058E775-EAAA-46DF-9F3D-A8D042AAFD88", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:9.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "F20A725C-C676-4106-AD82-771B8D4BFF43", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "7CF10213-FBE4-47A5-8EF2-B45BF15BEB6D", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BDE4D90-5AE4-4183-997E-188FF17D497E", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B872A0D5-9B23-40F2-8AAB-253A4F406D18", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "matchCriteriaId": "1E56997D-BE14-4FAE-9B7F-6F64E417B14D", "versionEndIncluding": "9.11.7", "versionStartIncluding": "9.11.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C114129-FCB0-4EE9-A538-896C36F2739B", "versionEndIncluding": "9.12.3", "versionStartIncluding": "9.12.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "matchCriteriaId": "EA8EE96D-C27B-4995-BFB2-B4AC55ACAE8A", "versionEndIncluding": "9.13.7", "versionStartIncluding": "9.13.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "matchCriteriaId": "3388BAEC-A936-491F-9B51-DAFC7CE3D45A", "versionEndIncluding": "9.14.2", "versionStartIncluding": "9.14.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "matchCriteriaId": "8889BE5E-3E97-401A-BC81-082F77F72576", "versionEndIncluding": "9.15.5", "versionStartIncluding": "9.15.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.11.3:s1:*:*:supported_preview:*:*:*", "matchCriteriaId": "C2FE13E1-0646-46FC-875B-CB4C34E20101", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.11.7:s1:*:*:supported_preview:*:*:*", "matchCriteriaId": "AB2B92F1-6BA8-41CA-9000-E0633462CC28", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.12.4:-:*:*:*:*:*:*", "matchCriteriaId": "5E1818DE-94E7-4371-999D-DA217F664E9B", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.12.4:p1:*:*:*:*:*:*", "matchCriteriaId": "E121D018-42B7-467E-9481-EDA4021401AF", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*", "matchCriteriaId": "928A7D30-8099-47B8-A1D2-A4997F54C1C2", "versionEndIncluding": "5.4.0", "versionStartIncluding": "5.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*", "matchCriteriaId": "F37D18F2-8C6A-4557-85DC-2A751595423C", "versionEndIncluding": "6.1.0", "versionStartIncluding": "6.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:iworkflow:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "D3CE7526-9630-48EF-81FB-44904AF0653F", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "F4846F5F-F5D9-405F-8A6D-4D4CA19DA04E", "versionEndIncluding": "11.5.9", "versionStartIncluding": "11.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "7190E93F-6B10-479C-99CD-9253FCED4F41", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "6166E0DB-2BA5-454D-ABBC-9E4916436A44", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "F42F4AF6-4BCC-497E-A889-0BBCA965CB32", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:9.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "589511FF-F93F-4C54-B89B-B7228EA68F43", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "D7BBEC67-BD2E-49D5-8294-977D975D98D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "C529A4BA-F1B7-4297-A9CC-2FF0EB2CB5AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:15.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "AA4AE425-1D86-4DB9-8B8F-74C6678BD528", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1."}, {"lang": "es", "value": "Una condici\u00f3n de carrera que puede presentarse al descartar paquetes malformados puede provocar la salida de BIND debido a un fallo de aserci\u00f3n de REQUIRE en el archivo dispatch.c. Versiones afectadas: BIND 9.11.0 hasta 9.11.7, 9.12.0 hasta 9.12.4-P1, 9.14.0 hasta 9.14.2. Tambi\u00e9n todas las versiones de la rama de desarrollo BIND 9.13 y la versi\u00f3n 9.15.0 de la rama de desarrollo BIND 9.15 y las versiones 9.11.3-S1 hasta 9.11.7-S1 de BIND Support Preview Edition."}], "id": "CVE-2019-6471", "lastModified": "2024-11-21T04:46:30.843", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "security-officer@isc.org", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-10-09T16:15:17.170", "references": [{"source": "security-officer@isc.org", "tags": ["Third Party Advisory"], "url": "https://kb.isc.org/docs/cve-2019-6471"}, {"source": "security-officer@isc.org", "url": "https://support.f5.com/csp/article/K10092301?utm_source=f5support&amp%3Butm_medium=RSS"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://kb.isc.org/docs/cve-2019-6471"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.f5.com/csp/article/K10092301?utm_source=f5support&amp%3Butm_medium=RSS"}], "sourceIdentifier": "security-officer@isc.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}, {"lang": "en", "value": "CWE-617"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank ISC for reporting this issue.", "affected_release": [{"advisory": "RHSA-2019:1714", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "bind-32:9.11.4-17.P2.el8_0.1", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2019-07-10T00:00:00Z"}, {"advisory": "RHSA-2019:1714", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "bind-32:9.11.4-17.P2.el8_0.1", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2019-07-10T00:00:00Z"}], "bugzilla": {"description": "bind: Race condition when discarding malformed packets can cause bind to exit with assertion failure", "id": "1721780", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1721780"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.9", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "details": ["A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1.", "A race condition leading to denial of service was found in the way bind handled certain malformed packets. A remote attacker who could cause the bind resolver to perform queries on a server, which responds deliberately with malformed answers, could cause named to exit."], "name": "CVE-2019-6471", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "bind", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "bind97", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "bind", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "bind", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2019-06-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2019-6471\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-6471\nhttps://kb.isc.org/docs/cve-2019-6471"], "statement": "This bind flaw can be exploited by a remote attacker (AV:N). However the attack works only if the attacker could cause the bind server to perform queries on another DNS server and the other DNS server deliberately responds with malformed answers (AC:H). No other special privileges are required by the attacker (PR:L). No user interaction is required from the server side (UI:N). The attacker can cause denial of service (A:H) by causing the named process to exit with an assertion flaw. There is no affect on the Confidentiality or Integrity of the system (C:N/I:N).", "threat_severity": "Important"}

{}