{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-5680", "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22", "state": "PUBLISHED", "assignerShortName": "isc", "dateReserved": "2023-10-20T11:13:31.862Z", "datePublished": "2024-02-13T14:05:19.783Z", "dateUpdated": "2024-08-02T08:07:32.499Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "404fd4d2-a609-4245-b543-2c944a302a22", "shortName": "isc", "dateUpdated": "2024-02-13T14:05:19.783Z"}, "title": "Cleaning an ECS-enabled cache may cause excessive CPU load", "datePublic": "2024-02-13T00:00:00Z", "affected": [{"vendor": "ISC", "product": "BIND 9", "versions": [{"version": "9.11.3-S1", "lessThanOrEqual": "9.11.37-S1", "status": "affected", "versionType": "custom"}, {"version": "9.16.8-S1", "lessThanOrEqual": "9.16.45-S1", "status": "affected", "versionType": "custom"}, {"version": "9.18.11-S1", "lessThanOrEqual": "9.18.21-S1", "status": "affected", "versionType": "custom"}], "defaultStatus": "unaffected"}], "metrics": [{"cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "baseScore": 5.3, "baseSeverity": "MEDIUM"}}], "descriptions": [{"lang": "en", "value": "If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. \nThis issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1."}], "impacts": [{"descriptions": [{"lang": "en", "value": "By sending specific queries to a resolver, an attacker can degrade `named`'s query-handling performance. In the worst-case scenario, a resolver can become entirely unresponsive."}]}], "workarounds": [{"lang": "en", "value": "There is no workaround for this issue other than disabling the ECS feature entirely."}], "exploits": [{"lang": "en", "value": "We are not aware of any active exploits."}], "solutions": [{"lang": "en", "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.16.48-S1 or 9.18.24-S1."}], "credits": [{"lang": "en", "value": "ISC would like to thank Yann Kerherve and Ask Bj\u00f8rn Hansen for bringing this vulnerability to our attention."}], "references": [{"url": "https://kb.isc.org/docs/cve-2023-5680", "name": "CVE-2023-5680", "tags": ["vendor-advisory"]}, {"url": "https://security.netapp.com/advisory/ntap-20240503-0005/"}], "source": {"discovery": "EXTERNAL"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-5680", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-13T18:02:52.507926Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:28:30.667Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:07:32.499Z"}, "title": "CVE Program Container", "references": [{"url": "https://kb.isc.org/docs/cve-2023-5680", "name": "CVE-2023-5680", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20240503-0005/", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-5680", "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22", "state": "PUBLISHED", "assignerShortName": "isc", "dateReserved": "2023-10-20T11:13:31.862Z", "datePublished": "2024-02-13T14:05:19.783Z", "dateUpdated": "2024-06-04T17:28:30.667Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "404fd4d2-a609-4245-b543-2c944a302a22", "shortName": "isc", "dateUpdated": "2024-02-13T14:05:19.783Z"}, "title": "Cleaning an ECS-enabled cache may cause excessive CPU load", "datePublic": "2024-02-13T00:00:00Z", "affected": [{"vendor": "ISC", "product": "BIND 9", "versions": [{"version": "9.11.3-S1", "lessThanOrEqual": "9.11.37-S1", "status": "affected", "versionType": "custom"}, {"version": "9.16.8-S1", "lessThanOrEqual": "9.16.45-S1", "status": "affected", "versionType": "custom"}, {"version": "9.18.11-S1", "lessThanOrEqual": "9.18.21-S1", "status": "affected", "versionType": "custom"}], "defaultStatus": "unaffected"}], "metrics": [{"cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "baseScore": 5.3, "baseSeverity": "MEDIUM"}}], "descriptions": [{"lang": "en", "value": "If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. \nThis issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1."}], "impacts": [{"descriptions": [{"lang": "en", "value": "By sending specific queries to a resolver, an attacker can degrade `named`'s query-handling performance. In the worst-case scenario, a resolver can become entirely unresponsive."}]}], "workarounds": [{"lang": "en", "value": "There is no workaround for this issue other than disabling the ECS feature entirely."}], "exploits": [{"lang": "en", "value": "We are not aware of any active exploits."}], "solutions": [{"lang": "en", "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.16.48-S1 or 9.18.24-S1."}], "credits": [{"lang": "en", "value": "ISC would like to thank Yann Kerherve and Ask Bj\u00f8rn Hansen for bringing this vulnerability to our attention."}], "references": [{"url": "https://kb.isc.org/docs/cve-2023-5680", "name": "CVE-2023-5680", "tags": ["vendor-advisory"]}, {"url": "https://security.netapp.com/advisory/ntap-20240503-0005/"}], "source": {"discovery": "EXTERNAL"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-5680", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-13T18:02:52.507926Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:11.233Z"}, "title": "CISA ADP Vulnrichment"}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. \nThis issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1."}, {"lang": "es", "value": "Si un cach\u00e9 de resoluci\u00f3n tiene una gran cantidad de registros ECS almacenados para el mismo nombre, el proceso de limpieza del nodo de la base de datos del cach\u00e9 para este nombre puede afectar significativamente el rendimiento de la consulta. Este problema afecta a las versiones de BIND 9, 9.11.3-S1 a 9.11.37-S1, 9.16.8-S1 a 9.16.45-S1 y 9.18.11-S1 a 9.18.21-S1."}], "id": "CVE-2023-5680", "lastModified": "2024-05-03T13:15:21.093", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security-officer@isc.org", "type": "Primary"}]}, "published": "2024-02-13T14:15:45.850", "references": [{"source": "security-officer@isc.org", "url": "https://kb.isc.org/docs/cve-2023-5680"}, {"source": "security-officer@isc.org", "url": "https://security.netapp.com/advisory/ntap-20240503-0005/"}], "sourceIdentifier": "security-officer@isc.org", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "bind9: Cleaning an ECS-enabled cache may cause excessive CPU load", "id": "2264285", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264285"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-400", "details": ["If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. \nThis issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.", "A flaw was found in the bind9 package. This issue may allow an attacker to substantially decrease `named` performance by sending a specific set of queries, forcing the same name to have a large number of ECS records stored. In the worst case scenario, `named` can become unresponsive, leading to a Denial of Service."], "name": "CVE-2023-5680", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "bind", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "bind", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "bind", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "bind9.16", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "bind", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-02-13T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-5680\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-5680"], "statement": "The versions of bind9 shipped with Red Hat Enterprise Linux 6, 7, 8 and 9 are not affected by this vulnerability as it doesn't contain the vulnerable code. This CVE only impacts the \"-S\" versions of bind9 package, which are different in code base than the ones distributed in Red Hat products.", "threat_severity": "Moderate", "upstream_fix": "bind 9.16.48-S1, bind 9.18.24-S1"}