CVE-2020-8625

Published Feb 17, 2021

Last updated a year ago

CVSS high 8.1

Overview

Description: BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the tkey-gssapi-keytab or tkey-gssapi-credentialconfiguration options. Although the default configuration is not vulnerable, GSS-TSIG is frequently used in networks where BIND is integrated with Samba, as well as in mixed-server environments that combine BIND servers with Active Directory domain controllers. The most likely outcome of a successful exploitation of the vulnerability is a crash of the named process. However, remote code execution, while unproven, is theoretically possible. Affects: BIND 9.5.0 -> 9.11.27, 9.12.0 -> 9.16.11, and versions BIND 9.11.3-S1 -> 9.11.27-S1 and 9.16.8-S1 -> 9.16.11-S1 of BIND Supported Preview Edition. Also release versions 9.17.0 -> 9.17.1 of the BIND 9.17 development branch
Source: security-officer@isc.org
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 8.1
Impact score: 5.9
Exploitability score: 2.2
Vector string: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-120

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1616B77F-1036-4439-8626-347A294D4332",
            "versionEndIncluding": "9.11.27",
            "versionStartIncluding": "9.5.0"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4C35BEC1-0A44-441A-871D-5D4C06108E94",
            "versionEndIncluding": "9.16.11",
            "versionStartIncluding": "9.12.0"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.11.3:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C2FE13E1-0646-46FC-875B-CB4C34E20101"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.11.5:s3:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1AA16E51-819C-4A1B-B66E-1C60C1782C0D"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.11.5:s5:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91533F9F-C0E5-4E84-8A4C-F744F956BF97"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.11.6:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8AF9D390-0D5B-4963-A2D3-BF1E7CD95E9D"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.11.7:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB2B92F1-6BA8-41CA-9000-E0633462CC28"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.11.8:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02CA4635-7DFC-408E-A837-856E0F96CA1B"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.11.21:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5CC1F26C-4757-4C87-BD8B-2FA456A88C6F"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.11.27:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "582A4948-B64F-45D4-807A-846A85BB6B42"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.16.8:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "288EAD80-574B-4839-9C2C-81D6D088A733"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.16.11:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3595F024-F910-4356-8B5B-D478960FF574"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.17.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6622078E-6720-48FF-AF88-511B95527A6B"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.17.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9AB78688-703F-4A10-8778-69933BCD3416"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"
          },
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956"
          },
          {
            "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194"
          },
          {
            "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B0F46497-4AB0-49A7-9453-CC26837BF253",
            "versionEndExcluding": "1.0.1.1"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netapp:a250:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "281DFC67-46BB-4FC2-BE03-3C65C9311F65"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netapp:a250_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1236B66D-EB11-4324-929F-E2B86683C3C7"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netapp:500f:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F21DE67F-CDFD-4D36-9967-633CD0240C6F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netapp:500f_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ECF32BB1-9A58-4821-AE49-5D5C8200631F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References