CVE-2016-9147

high-risk
Published 2017-01-12

named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a response containing an inconsistency among the DNSSEC-related RRsets.

Do I need to act?

!
56.2% chance of exploitation in next 30 days
EPSS score — higher than 44% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
NETWORK / LOW complexity

Affected Products (4)

Affected Vendors

Isc

References (22)

http://rhn.redhat.com/errata/RHSA-2017-0062.html
http://rhn.redhat.com/errata/RHSA-2017-0063.html
http://rhn.redhat.com/errata/RHSA-2017-0064.html
http://www.debian.org/security/2017/dsa-3758
http://www.securityfocus.com/bid/95390
http://www.securitytracker.com/id/1037582
https://access.redhat.com/errata/RHSA-2017:1582
https://access.redhat.com/errata/RHSA-2017:1583
Patch https://kb.isc.org/article/AA-01440/74/CVE-2016-9147
https://security.gentoo.org/glsa/201708-01
https://security.netapp.com/advisory/ntap-20180926-0005/
http://rhn.redhat.com/errata/RHSA-2017-0062.html
http://rhn.redhat.com/errata/RHSA-2017-0063.html
http://rhn.redhat.com/errata/RHSA-2017-0064.html
http://www.debian.org/security/2017/dsa-3758
http://www.securityfocus.com/bid/95390
http://www.securitytracker.com/id/1037582
https://access.redhat.com/errata/RHSA-2017:1582
https://access.redhat.com/errata/RHSA-2017:1583
Patch https://kb.isc.org/article/AA-01440/74/CVE-2016-9147
and 2 more references
54
/ 100
high-risk
Severity 26/34 · High
Exploitability 18/34 · Moderate
Exposure 10/34 · Low