Overview
- Description
- "managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertion failure if, during key rollover, a trust anchor's keys are replaced with keys which use an unsupported algorithm. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5745.
- Source
- security-officer@isc.org
- NVD status
- Modified
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 4.9
- Impact score
- 3.6
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
CVSS 3.0
- Type
- Secondary
- Base score
- 4.9
- Impact score
- 3.6
- Exploitability score
- 1.2
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 3.5
- Impact score
- 2.9
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- CWE-327
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7499FD94-56AE-4BFD-B8FF-D46A63DFDC3B",
"versionEndIncluding": "9.10.7",
"versionStartIncluding": "9.9.0"
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A9316962-340F-4084-8E86-50600275FF17",
"versionEndIncluding": "9.11.4",
"versionStartIncluding": "9.11.0"
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D42B921-3C36-433A-B2F2-0AABC9869DCC",
"versionEndIncluding": "9.12.2",
"versionStartIncluding": "9.12.0"
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "68A67ACC-D80C-462C-9B03-D8E694322C3E",
"versionEndIncluding": "9.13.6",
"versionStartIncluding": "9.13.0"
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.3:s1:*:*:*:supported_preview:*:*",
"vulnerable": true,
"matchCriteriaId": "A01B5F4E-1F55-4DED-BF30-E0B436D8B965"
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.7:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E1130C02-AD74-414E-808B-AD2AC7E7AD5A"
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.8:p1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "58D8814F-07FC-42A8-99EF-CD84AADEDC57"
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.5:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A10C5868-A7C3-48A5-BDE9-1CE0FC0F515F"
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.5:p1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EB1A7C62-4700-4DE1-B0C2-16D94D0FE4C2"
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.5:s3:*:*:*:supported_preview:*:*",
"vulnerable": true,
"matchCriteriaId": "B6F72F80-D178-4F6D-8D16-85C0DEEE275B"
},
{
"criteria": "cpe:2.3:a:isc:bind:9.12.3:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F59BE241-48B6-47CC-8500-96A8A1E67954"
},
{
"criteria": "cpe:2.3:a:isc:bind:9.12.3:p1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4B12AA91-F54B-4C97-9168-8E276F16F22B"
}
],
"operator": "OR"
}
]
}
]