Description
BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients.
References (10)
Scores
CVSS v3
6.8
EPSS
0.0009
EPSS Percentile
24.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N
Details
CWE
CWE-444
Status
published
Products (8)
fedoraproject/fedora
34
fedoraproject/fedora
35
fedoraproject/fedora
36
isc/bind
9.11.0 - 9.11.37
isc/bind
9.11.4 - 9.11.37
juniper/junos
19.3 (17 CPE variants)
juniper/junos
19.4 (23 CPE variants)
juniper/junos
20.2 (5 CPE variants)
Published
Mar 23, 2022
Tracked Since
Feb 18, 2026