{"containers": {"cna": {"affected": [{"product": "BIND9", "vendor": "ISC", "versions": [{"status": "affected", "version": "9.0.0 -> 9.11.18, 9.12.0 -> 9.12.4-P2, 9.14.0 -> 9.14.11, 9.16.0 -> 9.16.2, and releases 9.17.0 -> 9.17.1 of the 9.17 experimental development branch. All releases in the obsolete 9.13 and 9.15 development branches. All releases of BIND Supported Preview Edition from 9.9.3-S1 -> 9.11.18-S1"}]}], "datePublic": "2020-05-19T00:00:00", "descriptions": [{"lang": "en", "value": "Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check the server would continue operating in an inconsistent state, with potentially harmful results."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"description": "An error in BIND code which checks the validity of messages containing TSIG resource records can be exploited by an attacker to trigger an assertion failure in tsig.c, resulting in denial of service to clients. BIND 9.0.0 -> 9.11.18, 9.12.0 -> 9.12.4-P2, 9.14.0 -> 9.14.11, 9.16.0 -> 9.16.2, and releases 9.17.0 -> 9.17.1 of the 9.17 experimental development branch. All releases in the obsolete 9.13 and 9.15 development branches. All releases of BIND Supported Preview Edition from 9.9.3-S1 -> 9.11.18-S1.", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-10-20T11:06:39", "orgId": "404fd4d2-a609-4245-b543-2c944a302a22", "shortName": "isc"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://kb.isc.org/docs/cve-2020-8617"}, {"name": "[oss-security] 20200519 Two vulnerabilities disclosed in BIND (CVE-2020-8616 and CVE-2020-8617)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2020/05/19/4"}, {"name": "DSA-4689", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2020/dsa-4689"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20200522-0002/"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/157836/BIND-TSIG-Denial-Of-Service.html"}, {"name": "USN-4365-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4365-2/"}, {"name": "USN-4365-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4365-1/"}, {"name": "[debian-lts-announce] 20200530 [SECURITY] [DLA 2227-1] bind9 security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00031.html"}, {"name": "FEDORA-2020-2d89cbcfd9", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WOGCJS2XQ3SQNF4W6GLZ73LWZJ6ZZWZI/"}, {"name": "FEDORA-2020-f9dcd4e9d5", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JKJXVBOKZ36ER3EUCR7VRB7WGHIIMPNJ/"}, {"name": "openSUSE-SU-2020:1699", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"}, {"name": "openSUSE-SU-2020:1701", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"}], "solutions": [{"lang": "en", "value": "Upgrade to the patched release most closely related to your current version of BIND:\n\n BIND 9.11.19\n BIND 9.14.12\n BIND 9.16.3\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9.11.19-S1"}], "source": {"discovery": "EXTERNAL"}, "title": "A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c", "workarounds": [{"lang": "en", "value": "None known."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-officer@isc.org", "DATE_PUBLIC": "2020-05-19T08:59:49.000Z", "ID": "CVE-2020-8617", "STATE": "PUBLIC", "TITLE": "A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "BIND9", "version": {"version_data": [{"version_affected": "=", "version_value": "9.0.0 -> 9.11.18, 9.12.0 -> 9.12.4-P2, 9.14.0 -> 9.14.11, 9.16.0 -> 9.16.2, and releases 9.17.0 -> 9.17.1 of the 9.17 experimental development branch. All releases in the obsolete 9.13 and 9.15 development branches. All releases of BIND Supported Preview Edition from 9.9.3-S1 -> 9.11.18-S1"}]}}]}, "vendor_name": "ISC"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check the server would continue operating in an inconsistent state, with potentially harmful results."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An error in BIND code which checks the validity of messages containing TSIG resource records can be exploited by an attacker to trigger an assertion failure in tsig.c, resulting in denial of service to clients. BIND 9.0.0 -> 9.11.18, 9.12.0 -> 9.12.4-P2, 9.14.0 -> 9.14.11, 9.16.0 -> 9.16.2, and releases 9.17.0 -> 9.17.1 of the 9.17 experimental development branch. All releases in the obsolete 9.13 and 9.15 development branches. All releases of BIND Supported Preview Edition from 9.9.3-S1 -> 9.11.18-S1."}]}]}, "references": {"reference_data": [{"name": "https://kb.isc.org/docs/cve-2020-8617", "refsource": "CONFIRM", "url": "https://kb.isc.org/docs/cve-2020-8617"}, {"name": "[oss-security] 20200519 Two vulnerabilities disclosed in BIND (CVE-2020-8616 and CVE-2020-8617)", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2020/05/19/4"}, {"name": "DSA-4689", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2020/dsa-4689"}, {"name": "https://security.netapp.com/advisory/ntap-20200522-0002/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20200522-0002/"}, {"name": "http://packetstormsecurity.com/files/157836/BIND-TSIG-Denial-Of-Service.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/157836/BIND-TSIG-Denial-Of-Service.html"}, {"name": "USN-4365-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4365-2/"}, {"name": "USN-4365-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4365-1/"}, {"name": "[debian-lts-announce] 20200530 [SECURITY] [DLA 2227-1] bind9 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00031.html"}, {"name": "FEDORA-2020-2d89cbcfd9", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOGCJS2XQ3SQNF4W6GLZ73LWZJ6ZZWZI/"}, {"name": "FEDORA-2020-f9dcd4e9d5", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JKJXVBOKZ36ER3EUCR7VRB7WGHIIMPNJ/"}, {"name": "openSUSE-SU-2020:1699", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"}, {"name": "openSUSE-SU-2020:1701", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"}]}, "solution": [{"lang": "en", "value": "Upgrade to the patched release most closely related to your current version of BIND:\n\n BIND 9.11.19\n BIND 9.14.12\n BIND 9.16.3\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9.11.19-S1"}], "source": {"discovery": "EXTERNAL"}, "work_around": [{"lang": "en", "value": "None known."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T10:03:46.366Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kb.isc.org/docs/cve-2020-8617"}, {"name": "[oss-security] 20200519 Two vulnerabilities disclosed in BIND (CVE-2020-8616 and CVE-2020-8617)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2020/05/19/4"}, {"name": "DSA-4689", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2020/dsa-4689"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20200522-0002/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/157836/BIND-TSIG-Denial-Of-Service.html"}, {"name": "USN-4365-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4365-2/"}, {"name": "USN-4365-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4365-1/"}, {"name": "[debian-lts-announce] 20200530 [SECURITY] [DLA 2227-1] bind9 security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00031.html"}, {"name": "FEDORA-2020-2d89cbcfd9", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WOGCJS2XQ3SQNF4W6GLZ73LWZJ6ZZWZI/"}, {"name": "FEDORA-2020-f9dcd4e9d5", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JKJXVBOKZ36ER3EUCR7VRB7WGHIIMPNJ/"}, {"name": "openSUSE-SU-2020:1699", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"}, {"name": "openSUSE-SU-2020:1701", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"}]}]}, "cveMetadata": {"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22", "assignerShortName": "isc", "cveId": "CVE-2020-8617", "datePublished": "2020-05-19T14:05:16.241486Z", "dateReserved": "2020-02-05T00:00:00", "dateUpdated": "2024-09-16T20:26:32.566Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "matchCriteriaId": "D09867AC-12F6-49C8-B399-0BA8B027B036", "versionEndIncluding": "9.11.18", "versionStartIncluding": "9.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C499955-0D38-4828-B94F-9BFE2719246B", "versionEndIncluding": "9.12.4", "versionStartIncluding": "9.12.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "matchCriteriaId": "EA8EE96D-C27B-4995-BFB2-B4AC55ACAE8A", "versionEndIncluding": "9.13.7", "versionStartIncluding": "9.13.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "matchCriteriaId": "3296874E-8628-4D69-B788-6CC51296A522", "versionEndIncluding": "9.14.11", "versionStartIncluding": "9.14.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "matchCriteriaId": "EEC8D4F0-B8E2-47B0-8E13-EE3FB4E43C01", "versionEndIncluding": "9.15.6", "versionStartIncluding": "9.15.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "matchCriteriaId": "12DD0D57-81E0-40BC-8047-E41892261E39", "versionEndIncluding": "9.16.2", "versionStartIncluding": "9.16.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "matchCriteriaId": "96A5AA10-99B2-4784-A628-33E5CC697A30", "versionEndIncluding": "9.17.1", "versionStartIncluding": "9.17.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.12.4:p1:*:*:*:*:*:*", "matchCriteriaId": "E121D018-42B7-467E-9481-EDA4021401AF", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.12.4:p2:*:*:*:*:*:*", "matchCriteriaId": "343890F9-D6B4-433C-9131-9526DBB75749", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:isc:bind:9.9.3:s1:*:*:supported_preview:*:*:*", "matchCriteriaId": "40EE014B-0CD8-45F3-BEDB-AE6368A78B04", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.10.5:s1:*:*:supported_preview:*:*:*", "matchCriteriaId": "CAD41122-C5D8-4256-8CB7-FF88DCD96A13", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.10.7:s1:*:*:supported_preview:*:*:*", "matchCriteriaId": "6243685F-1E5B-4FF6-AE1B-44798032FBA6", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.11.3:s1:*:*:supported_preview:*:*:*", "matchCriteriaId": "C2FE13E1-0646-46FC-875B-CB4C34E20101", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.11.5:s3:*:*:supported_preview:*:*:*", "matchCriteriaId": "1AA16E51-819C-4A1B-B66E-1C60C1782C0D", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.11.5:s5:*:*:supported_preview:*:*:*", "matchCriteriaId": "91533F9F-C0E5-4E84-8A4C-F744F956BF97", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.11.6:s1:*:*:supported_preview:*:*:*", "matchCriteriaId": "8AF9D390-0D5B-4963-A2D3-BF1E7CD95E9D", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.11.7:s1:*:*:supported_preview:*:*:*", "matchCriteriaId": "AB2B92F1-6BA8-41CA-9000-E0633462CC28", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.11.8:s1:*:*:supported_preview:*:*:*", "matchCriteriaId": "02CA4635-7DFC-408E-A837-856E0F96CA1B", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "matchCriteriaId": "B009C22E-30A4-4288-BCF6-C3E81DEAF45A", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "matchCriteriaId": "A31C8344-3E02-4EB8-8BD8-4C84B7959624", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", "matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check the server would continue operating in an inconsistent state, with potentially harmful results."}, {"lang": "es", "value": "Al usar un mensaje especialmente dise\u00f1ado, un atacante puede causar que un servidor BIND alcance un estado inconsistente si el atacante conoce (o adivina con \u00e9xito) el nombre de una clave TSIG utilizada por el servidor. Dado que BIND, por defecto, configura una clave de sesi\u00f3n local incluso en servidores cuya configuraci\u00f3n no la usa, casi todos los servidores BIND actuales son vulnerables. En los lanzamientos de BIND que datan de marzo de 2018 y posteriores, una comprobaci\u00f3n de afirmaci\u00f3n en el archivo tsig.c detecta este estado inconsistente y se cierra deliberadamente. Antes de la introducci\u00f3n de la comprobaci\u00f3n, el servidor continuar\u00eda funcionando en un estado inconsistente, con resultados potencialmente da\u00f1inos."}], "id": "CVE-2020-8617", "lastModified": "2024-11-21T05:39:07.990", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security-officer@isc.org", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-05-19T14:15:11.987", "references": [{"source": "security-officer@isc.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"}, {"source": "security-officer@isc.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"}, {"source": "security-officer@isc.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/157836/BIND-TSIG-Denial-Of-Service.html"}, {"source": "security-officer@isc.org", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2020/05/19/4"}, {"source": "security-officer@isc.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://kb.isc.org/docs/cve-2020-8617"}, {"source": "security-officer@isc.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00031.html"}, {"source": "security-officer@isc.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JKJXVBOKZ36ER3EUCR7VRB7WGHIIMPNJ/"}, {"source": "security-officer@isc.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WOGCJS2XQ3SQNF4W6GLZ73LWZJ6ZZWZI/"}, {"source": "security-officer@isc.org", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20200522-0002/"}, {"source": "security-officer@isc.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4365-1/"}, {"source": "security-officer@isc.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4365-2/"}, {"source": "security-officer@isc.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2020/dsa-4689"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/157836/BIND-TSIG-Denial-Of-Service.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2020/05/19/4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://kb.isc.org/docs/cve-2020-8617"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00031.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JKJXVBOKZ36ER3EUCR7VRB7WGHIIMPNJ/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WOGCJS2XQ3SQNF4W6GLZ73LWZJ6ZZWZI/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20200522-0002/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4365-1/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4365-2/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2020/dsa-4689"}], "sourceIdentifier": "security-officer@isc.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-617"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Tobias Klein as the original reporter.", "affected_release": [{"advisory": "RHSA-2020:2383", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "bind-32:9.8.2-0.68.rc1.el6_10.7", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2020-06-03T00:00:00Z"}, {"advisory": "RHSA-2020:3379", "cpe": "cpe:/o:redhat:rhel_aus:6.5", "package": "bind-32:9.8.2-0.23.rc1.el6_5.9", "product_name": "Red Hat Enterprise Linux 6.5 Advanced Update Support", "release_date": "2020-08-10T00:00:00Z"}, {"advisory": "RHSA-2020:3378", "cpe": "cpe:/o:redhat:rhel_aus:6.6", "package": "bind-32:9.8.2-0.30.rc1.el6_6.11", "product_name": "Red Hat Enterprise Linux 6.6 Advanced Update Support", "release_date": "2020-08-10T00:00:00Z"}, {"advisory": "RHSA-2020:2344", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "bind-32:9.11.4-16.P2.el7_8.6", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2020-06-01T00:00:00Z"}, {"advisory": "RHSA-2020:3471", "cpe": "cpe:/o:redhat:rhel_aus:7.2", "package": "bind-32:9.9.4-29.el7_2.9", "product_name": "Red Hat Enterprise Linux 7.2 Advanced Update Support", "release_date": "2020-08-18T00:00:00Z"}, {"advisory": "RHSA-2020:3470", "cpe": "cpe:/o:redhat:rhel_aus:7.3", "package": "bind-32:9.9.4-50.el7_3.4", "product_name": "Red Hat Enterprise Linux 7.3 Advanced Update Support", "release_date": "2020-08-18T00:00:00Z"}, {"advisory": "RHSA-2020:3470", "cpe": "cpe:/o:redhat:rhel_tus:7.3", "package": "bind-32:9.9.4-50.el7_3.4", "product_name": "Red Hat Enterprise Linux 7.3 Telco Extended Update Support", "release_date": "2020-08-18T00:00:00Z"}, {"advisory": "RHSA-2020:3470", "cpe": "cpe:/o:redhat:rhel_e4s:7.3", "package": "bind-32:9.9.4-50.el7_3.4", "product_name": "Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions", "release_date": "2020-08-18T00:00:00Z"}, {"advisory": "RHSA-2020:3433", "cpe": "cpe:/o:redhat:rhel_aus:7.4", "package": "bind-32:9.9.4-51.el7_4.4", "product_name": "Red Hat Enterprise Linux 7.4 Advanced Update Support", "release_date": "2020-08-12T00:00:00Z"}, {"advisory": "RHSA-2020:3433", "cpe": "cpe:/o:redhat:rhel_tus:7.4", "package": "bind-32:9.9.4-51.el7_4.4", "product_name": "Red Hat Enterprise Linux 7.4 Telco Extended Update Support", "release_date": "2020-08-12T00:00:00Z"}, {"advisory": "RHSA-2020:3433", "cpe": "cpe:/o:redhat:rhel_e4s:7.4", "package": "bind-32:9.9.4-51.el7_4.4", "product_name": "Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions", "release_date": "2020-08-12T00:00:00Z"}, {"advisory": "RHSA-2020:3475", "cpe": "cpe:/o:redhat:rhel_eus:7.6", "package": "bind-32:9.9.4-74.el7_6.4", "product_name": "Red Hat Enterprise Linux 7.6 Extended Update Support", "release_date": "2020-08-18T00:00:00Z"}, {"advisory": "RHSA-2020:2893", "cpe": "cpe:/o:redhat:rhel_eus:7.7", "package": "bind-32:9.11.4-9.P2.el7_7.1", "product_name": "Red Hat Enterprise Linux 7.7 Extended Update Support", "release_date": "2020-07-13T00:00:00Z"}, {"advisory": "RHSA-2020:2338", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "bind-32:9.11.13-5.el8_2", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-05-28T00:00:00Z"}, {"advisory": "RHSA-2020:2338", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "bind-32:9.11.13-5.el8_2", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-05-28T00:00:00Z"}, {"advisory": "RHSA-2020:2404", "cpe": "cpe:/a:redhat:rhel_e4s:8.0", "package": "bind-32:9.11.4-19.P2.el8_0", "product_name": "Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions", "release_date": "2020-06-04T00:00:00Z"}, {"advisory": "RHSA-2020:2345", "cpe": "cpe:/a:redhat:rhel_eus:8.1", "package": "bind-32:9.11.4-26.P2.el8_1.3", "product_name": "Red Hat Enterprise Linux 8.1 Extended Update Support", "release_date": "2020-06-01T00:00:00Z"}], "bugzilla": {"description": "bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c", "id": "1836124", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1836124"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-617", "details": ["Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check the server would continue operating in an inconsistent state, with potentially harmful results.", "An assertion failure was found in BIND, which checks the validity of messages containing TSIG resource records. This flaw allows an attacker that knows or successfully guesses the name of the TSIG key used by the server to use a specially-crafted message, potentially causing a BIND server to reach an inconsistent state or cause a denial of service. A majority of BIND servers have an internally-generated TSIG session key whose name is trivially guessable, and that key exposes the vulnerability unless specifically disabled."], "mitigation": {"lang": "en:us", "value": "BIND servers have an internally-generated TSIG session key whose name is trivially guessable, and that key exposes the vulnerability unless specifically disabled. Upstream recommends using random value in session-keyname as a workaround. This can be added to named.conf configuration file."}, "name": "CVE-2020-8617", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Out of support scope", "package_name": "bind", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Out of support scope", "package_name": "bind97", "product_name": "Red Hat Enterprise Linux 5"}], "public_date": "2020-05-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-8617\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-8617\nhttps://kb.isc.org/docs/cve-2020-8617"], "statement": "Upstream has released additional information about this flaw. Details available at: https://kb.isc.org/docs/cve-2020-8617-faq-and-supplemental-information", "threat_severity": "Important", "upstream_fix": "bind 9.11.19, bind 9.14.12, bind 9.16.3"}