Vulnerabilities > CVE-2020-8621 - Reachable Assertion vulnerability in multiple products

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL

Summary

In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that 'forward only' are not affected.

Vulnerable Configurations

Part Description Count
Application
Isc
33
Application
Synology
44
Application
Netapp
1
OS
Opensuse
2
OS
Canonical
3

Common Weakness Enumeration (CWE)