Overview
- Description
- An attacker can leverage this flaw to gradually erode available memory to the point where named crashes for lack of resources. Upon restart the attacker would have to begin again, but nevertheless there is the potential to deny service.
- Source
- security-officer@isc.org
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
Weaknesses
- nvd@nist.gov
- CWE-401
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BAE4B411-40F7-422D-8A5C-775ED1D00189",
"versionEndExcluding": "9.18.7",
"versionStartIncluding": "9.18.0"
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3E1EC206-AC11-4A7E-9723-C4F69FF76892",
"versionEndExcluding": "9.19.5",
"versionStartIncluding": "9.19.0"
}
],
"operator": "OR"
}
]
}
]