CVE-2020-8620

High

In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection…

isc·CWE-617·Published 2020-08-21

CVSS

7.5

EPSS

0.04

KEV

Exploits

cve.orgen

218 chars

In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit.

NVDen

218 chars

NVDes

243 chars

En BIND versiones 9.15.6 -) 9.16.5, 9.17.0 -) 9.17.3, un atacante que puede establecer una conexión TCP con el servidor y enviar datos en esa conexión puede explotar esto para desencadenar el fallo de aserción, causando la salida del servidor.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P
3.1	Primary	cve.org	7.5	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H