VDB
CVE-2023-4236
CVE-2023-4236
PUBLISHED
CVSS 9.300000190734863 CRITICAL
BIND (Berkeley Internet Name Domain) ist ein Open-Source-Softwarepaket, das einen Domain-Name-System-Server implementiert.
EPSS 0.18% · 39.0th percentile
Risk Scores
CVSS 4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.18%
39.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Internet Systems Consortium | Internet Systems Consortium BIND <9.18.19 | |
| IBM | IBM AIX 7.2 | |
| SUSE | SUSE Linux | |
| IBM | IBM QRadar SIEM <7.5.0 UP7 IF02 | |
| Xerox | Xerox FreeFlow Print Server v9 | |
| Xerox | Xerox FreeFlow Print Server v7 | |
| IBM | IBM VIOS 4.1 | |
| IBM | IBM QRadar SIEM 7.5 | |
| Oracle | Oracle Linux | |
| Ubuntu | Ubuntu Linux | |
| Dell | Dell NetWorker vProxy<19.10 | |
| NetApp | NetApp ActiveIQ Unified Manager | |
| Xerox | Xerox FreeFlow Print Server 9 | |
| Red Hat | Red Hat Enterprise Linux | |
| Debian | Debian Linux | |
| Open Source | Open Source CentOS | |
| IBM | IBM AIX 7.3 | |
| Internet Systems Consortium | Internet Systems Consortium BIND <9.16.44 | |
| Amazon | Amazon Linux 2 | |
| IBM | IBM VIOS 3.1 |
…and 2 more
Exploit Intelligence
- CIRCL seen: CVE-2023-4236 (circl-sighting)
- CIRCL seen: CVE-2023-4236 (circl-sighting)
- CIRCL seen: CVE-2023-4236 (circl-sighting)
- CVE-2023-4236 (circl)
- http://www.openwall.com/lists/oss-security/2023/09/20/2 (circl)
- https://www.debian.org/security/2023/dsa-5504 (circl)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPJLLTJCSDJJII7IIZPLTBQNWP7MZH7F/ (circl)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U35OARLQCPMVCBBPHWBXY5M6XJLD2TZ5/ (circl)
- https://security.netapp.com/advisory/ntap-20231013-0004/ (circl)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSK5V4W4OHPM3JTJGWAQD6CZW7SFD75B/ (circl)
Timeline
- Sep 20, 2023 CVE Published
- Sep 20, 2023 PoC Published
- Sep 22, 2023 EPSS Score
- Sep 22, 2023 PoC Published
- Oct 24, 2023 EPSS Score
- Nov 25, 2023 EPSS Score
- Jan 28, 2024 EPSS Score
- Feb 29, 2024 EPSS Score
- Apr 1, 2024 EPSS Score
- May 3, 2024 EPSS Score
- Jun 5, 2024 EPSS Score
- Aug 8, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2412.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2412 advisory
- https://kb.isc.org/docs/cve-2023-3341 advisory
- https://kb.isc.org/docs/cve-2023-4236 advisory
- https://ubuntu.com/security/notices/USN-6390-1 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-September/016301.html advisory
- https://lists.debian.org/debian-security-announce/2023/msg00197.html advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2023-a2621f58a9 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2023-87502c4a93 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2023-687525fcca advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2023-b4acb0f7c6 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-September/016332.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-September/016371.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-September/016346.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-October/016477.html advisory
- https://alas.aws.amazon.com/AL2/ALAS-2023-2273.html advisory
- https://access.redhat.com/errata/RHSA-2023:5460 advisory
- https://access.redhat.com/errata/RHSA-2023:5473 advisory
- https://access.redhat.com/errata/RHSA-2023:5474 advisory
- http://linux.oracle.com/errata/ELSA-2023-5460.html advisory
…and 27 more