Vulnerabilities > CVE-2023-2829

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

isc

netapp

NVD

Published: 2023-06-21

Updated: 2023-07-03

Summary

A `named` instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache (RFC 8198) option (`synth-from-dnssec`) enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9 versions 9.16.8-S1 through 9.16.41-S1 and 9.18.11-S1 through 9.18.15-S1.

Vulnerable Configurations

Part	Description	Count
Application	Isc ISC Bind * ISC Bind 9.16.8 ISC Bind 9.16.11 ISC Bind 9.16.12 ISC Bind 9.16.13 ISC Bind 9.16.14 ISC Bind 9.16.21 ISC Bind 9.16.32 ISC Bind 9.16.36	9
Application	Netapp Netapp Active IQ Unified Manager -	1
OS	Netapp Netapp H500S Firmware - Netapp H700S Firmware - Netapp H410S Firmware - Netapp H410C Firmware - Netapp H300S Firmware -	5
Hardware	Netapp Netapp H500S - Netapp H700S - Netapp H410S - Netapp H410C - Netapp H300S -	5

Vulnerabilities > CVE-2023-2829

Summary

Vulnerable Configurations

Related news

References

Vulnerabilities > CVE-2023-2829 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2023-2829"}]}

Summary

Vulnerable Configurations

Related news

References

Vulnerabilities > CVE-2023-2829