How severe is CVE-2020-8617?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.9 out of 10.

What type of vulnerability is CVE-2020-8617?

This is classified as CWE-617, which is a common weakness in software security.

CVE-2020-8617

MEDIUM Year: 2020

CVSS v3 Score

5.9

Medium

CVSS v2 Score

4.3

Medium

Weakness Type

CWE-617

View all →

Vulnerability Description

Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check the server would continue operating in an inconsistent state, with potentially harmful results.

CVE-2017-3136

MEDIUM

CVSS:5.9(Medium)

A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-se...

CWE-6172017

CVE-2018-5742

MEDIUM

CVSS:5.9(Medium)

While backporting a feature for a newer branch of BIND9, RedHat introduced a path leading to an assertion failure in buffer.c:420. Affects RedHat versions bind-9.9.4-65.el7 -> bind-9.9.4-72.el7. No IS...

CWE-6172018

CVE-2019-6467

MEDIUM

CVSS:5.9(Medium)

A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally. Th...

CWE-6172019

CVE-2019-6469

MEDIUM

CVSS:5.9(Medium)

An error in the EDNS Client Subnet (ECS) feature for recursive resolvers can cause BIND to exit with an assertion failure when processing a response that has malformed RRSIGs. Versions affected: BIND ...

CWE-6172019

CVE-2021-31294

MEDIUM

CVSS:5.9(Medium)

Redis before 6cbea7d allows a replica to cause an assertion failure in a primary server by sending a non-administrative command (specifically, a SET command). NOTE: this was fixed for Redis 6.2.x and ...

CWE-6172021

CVE-2017-12168

MEDIUM

CVSS:6.0(Medium)

The access_pmu_evcntr function in arch/arm64/kvm/sys_regs.c in the Linux kernel before 4.8.11 allows privileged KVM guest OS users to cause a denial of service (assertion failure and host OS crash) by...

CWE-6172017

CVE-2020-8617

Vulnerability Description

Related Vulnerabilities

CVE-2017-3136

CVE-2018-5742

CVE-2019-6467

CVE-2019-6469

CVE-2021-31294

CVE-2017-12168