Vulnerability in Isc Bind9

CVE-2021-25215

In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a…

EPSS: 0.015 (81.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

  • Isc Bind9 — versions Open Source Branches 9.0 through 9.11 9.0.0 through versions before 9.11.30, Open Source Branches 9.12 through 9.16 9.12.0 through versions before 9.16.14, Supported Preview Branches 9.9-S through 9.11-S 9.9.3-S1 through versions before 9.11.30-S1

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2021-25215?
CVE-2021-25215 is a high-severity vulnerability in Isc Bind9. CVSS score: 7.5/10. Published 2021-04-29.
How severe is CVE-2021-25215?
High severity. CVSS v3 base score is 7.5 out of 10.
Is CVE-2021-25215 known to be exploited?
15 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.