What is CVE-2020-8621?

CVE-2020-8621 is a high-severity vulnerability in Isc Bind9. CVSS score: 7.5/10. Published 2020-08-21.

How severe is CVE-2020-8621?

High severity. CVSS v3 base score is 7.5 out of 10.

Vulnerability in Isc Bind9

CVE-2020-8621

In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Se…

EPSS: 0.049 (89.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Isc Bind9 — versions 9.14.0

References

kb.isc.org/docs/cve-2020-8621 (x_refsource_CONFIRM)
security.netapp.com/advisory/ntap-20200827-0003/ (x_refsource_CONFIRM)
USN-4468-1 (vendor-advisory, x_refsource_UBUNTU)
GLSA-202008-19 (vendor-advisory, x_refsource_GENTOO)
www.synology.com/security/advisory/Synology_SA_20_19 (x_refsource_CONFIRM)
openSUSE-SU-2020:1699 (vendor-advisory, x_refsource_SUSE)
openSUSE-SU-2020:1701 (vendor-advisory, x_refsource_SUSE)

Frequently asked questions

What is CVE-2020-8621?: CVE-2020-8621 is a high-severity vulnerability in Isc Bind9. CVSS score: 7.5/10. Published 2020-08-21.
How severe is CVE-2020-8621?: High severity. CVSS v3 base score is 7.5 out of 10.