VDB
WID-SEC-W-2024-0978
WID-SEC-W-2024-0978
PUBLISHED
CVSS 9.300000190734863 CRITICAL
BIND (Berkeley Internet Name Domain) ist ein Open-Source-Softwarepaket, das einen Domain-Name-System-Server implementiert. Der Domain Name Service (DNS) ermöglicht die Umsetzung der Domainnamen in IP-Adressen. Zur Verhinderung von übermäßigen Anfragen werden die Zuordnungen häufig lokal in einem Cache gespeichert. Windows ist ein Betriebssystem von Microsoft.
Risk Scores
CVSS 4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper Junos Space 20.3R1 | ||
| Debian Linux | ||
| F5 BIG-IP | ||
| Open Source Arch Linux | ||
| Avaya Aura Application Enablement Services | ||
| Internet Systems Consortium BIND <9.11.19 | ||
| Internet Systems Consortium BIND 9.11.19 | ||
| Avaya Session Border Controller | ||
| Internet Systems Consortium BIND 9.16.3 | ||
| Microsoft Windows Server | ||
| Avaya one-X | ||
| Internet Systems Consortium BIND <9.14.12 | ||
| Open Source CentOS | ||
| Internet Systems Consortium BIND <9.16.3 | ||
| FreeBSD Project FreeBSD OS | ||
| Juniper Junos Space <20.3R1 | ||
| Avaya Aura Communication Manager | ||
| Avaya Aura Experience Portal | ||
| Avaya CMS | ||
| Internet Systems Consortium BIND 9.14.12 |
Exploit Intelligence
- https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2024-0978.json (circl)
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0978 (circl)
- http://www.nxnsattack.com/ (circl)
- https://portal.msrc.microsoft.com/de-DE/security-guidance/advisory/ADV200009 (circl)
- https://blog.powerdns.com/2020/05/19/powerdns-recursor-4-3-1-4-2-2-and-4-1-16-released/ (circl)
- https://kb.isc.org/docs/cve-2020-8616 (circl)
- https://security.archlinux.org/ASA-202005-14 (circl)
- https://www.debian.org/security/2020/dsa-4694 (circl)
- https://access.redhat.com/errata/RHSA-2020:2344 (circl)
- https://access.redhat.com/errata/RHSA-2020:2345 (circl)
…and 33 more exploits
Timeline
- May 19, 2020 CVE Published
- Oct 1, 2024 CVE Updated
- Apr 4, 2026 Distribution Patch
- Apr 4, 2026 Distribution Patch
- Apr 4, 2026 Distribution Patch
- Apr 4, 2026 Distribution Patch
- Apr 4, 2026 Distribution Patch
- Apr 4, 2026 Distribution Patch
- Apr 4, 2026 Distribution Patch
- Apr 4, 2026 Distribution Patch
- Apr 4, 2026 Distribution Patch
- Apr 4, 2026 Distribution Patch
References
- https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2024-0978.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0978 advisory
- http://www.nxnsattack.com/ url
- https://portal.msrc.microsoft.com/de-DE/security-guidance/advisory/ADV200009 url
- https://blog.powerdns.com/2020/05/19/powerdns-recursor-4-3-1-4-2-2-and-4-1-16-released/ url
- https://kb.isc.org/docs/cve-2020-8616 url
- https://security.archlinux.org/ASA-202005-14 url
- https://www.debian.org/security/2020/dsa-4694 url
- https://access.redhat.com/errata/RHSA-2020:2344 url
- https://access.redhat.com/errata/RHSA-2020:2345 url
- http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2020-2344-Important-CentOS-7-bind-Security-Update-tp4645946.html url
- https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202005/msg00031.html url
- https://oss.oracle.com/pipermail/el-errata/2020-June/009985.html url
- https://access.redhat.com/errata/RHSA-2020:2383 url
- https://support.f5.com/csp/article/K37661551 url
- https://oss.oracle.com/pipermail/el-errata/2020-June/009988.html url
- http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2020-2383-Important-CentOS-6-bind-Security-Update-tp4645950.html url
- https://access.redhat.com/errata/RHSA-2020:2414 url
- https://access.redhat.com/errata/RHSA-2020:2416 url
- https://access.redhat.com/errata/RHSA-2020:2418 url
…and 23 more