How severe is CVE-2018-5745?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.9 out of 10.

What type of vulnerability is CVE-2018-5745?

This is classified as CWE-327, which is a common weakness in software security.

CVE-2018-5745

MEDIUM Year: 2018

CVSS v3 Score

4.9

Medium

CVSS v2 Score

3.5

Low

Weakness Type

CWE-327

View all →

Vulnerability Description

"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertion failure if, during key rollover, a trust anchor's keys are replaced with keys which use an unsupported algorithm. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5745.

CVE-2021-43774

MEDIUM

CVSS:4.9(Medium)

A risky-algorithm issue was discovered on Fujifilm DocuCentre-VI C4471 1.8 devices. An attacker that obtained access to the administrative web interface of a printer (e.g., by using the default creden...

CWE-3272021

CVE-2024-10128

MEDIUM

CVSS:4.9(Medium)

A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It has been rated as problematic. Affected by this issue is some unknown functionality of the file td.js.gz. The manipulation leads ...

CWE-3272024

CVE-2024-20070

MEDIUM

CVSS:5.1(Medium)

In modem, there is a possible information disclosure due to using risky cryptographic algorithm during connection establishment negotiation. This could lead to remote information disclosure, when weak...

CWE-3272024

CVE-2017-14937

MEDIUM

CVSS:4.7(Medium)

The airbag detonation algorithm allows injury to passenger-car occupants via predictable Security Access (SA) data to the internal CAN bus (or the OBD connector). This affects the airbag control units...

CWE-3272017

CVE-2019-15795

MEDIUM

CVSS:4.7(Medium)

python-apt only checks the MD5 sums of downloaded files in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py in version 1.9.0ubuntu1 and earlier. This allows a man-in-the-middle ...

CWE-3272019

CVE-2021-36647

MEDIUM

CVSS:4.7(Medium)

Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11 allows attackers with access to pre...

CWE-3272021

CVE-2018-5745

Vulnerability Description

Related Vulnerabilities

CVE-2021-43774

CVE-2024-10128

CVE-2024-20070

CVE-2017-14937

CVE-2019-15795

CVE-2021-36647