{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T07:04:29.233","vulnerabilities":[{"cve":{"id":"CVE-2017-3142","sourceIdentifier":"security-officer@isc.org","published":"2019-01-16T20:29:00.550","lastModified":"2024-11-21T03:24:55.277","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection with no other ACL protection could be manipulated into: providing an AXFR of a zone to an unauthorized recipient or accepting bogus NOTIFY packets. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2."},{"lang":"es","value":"Un atacante que pueda enviar y recibir mensajes a un servidor DNS autoritativo y que conozca un nombre de clave TSIG válido podría ser capaz de omitir la autenticación TSIG de las peticiones AXFE mediante un paquete de petición cuidadosamente construido. Un servidor que solo depende de las claves TSIG para protegerse sin ningún otro mecanismo de protección de listas de control de acceso podría manipularse para: proporcionar el AXFR de una zona a un destinatario no autorizado o aceptar paquetes NOTIFY falsos. Afecta a BIND desde la versión 9.4.0 hasta la versión 9.8.8, desde la versión 9.9.0 hasta la versión 9.9.10-P1, desde la versión 9.10.0 hasta la versión 9.10.5-P1, desde la versión 9.11.0 hasta la versión 9.11.1-P1, desde la versión 9.9.3-S1 hasta la versión 9.9.10-S2 y desde la versión 9.10.5-S1 hasta la versión 9.10.5-S2."}],"metrics":{"cvssMetricV30":[{"source":"security-officer@isc.org","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":3.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*","versionStartIncluding":"9.4.0","versionEndIncluding":"9.8.8","matchCriteriaId":"343E9DD3-BBEA-4385-9A8E-0675BE74EC43"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*","versionStartIncluding":"9.9.0","versionEndIncluding":"9.9.10","matchCriteriaId":"4D75A16E-2EB4-4A10-9B63-AC04755AC1E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*","versionStartIncluding":"9.10.0","versionEndIncluding":"9.10.5","matchCriteriaId":"E8039263-E38B-40B2-B3AA-3673C0DD8318"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*","versionStartIncluding":"9.11.0","versionEndIncluding":"9.11.1","matchCriteriaId":"A8E6E2D9-E137-498C-B175-1CA268B6E551"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.9.0:p1:*:*:*:*:*:*","matchCriteriaId":"86C1A668-D648-4E72-876B-E72D341003D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.9.3:s1:*:*:*:*:*:*","matchCriteriaId":"FCC182A9-5989-4A87-A3BA-F1CFAEDC95E2"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.9.10:s2:*:*:*:*:*:*","matchCriteriaId":"19F83C65-E07D-4057-B2DB-9906993C2F18"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.10.5:p1:*:*:*:*:*:*","matchCriteriaId":"BCAAAEEE-999C-4334-85BC-8BC8BAE99930"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.10.5:s1:*:*:*:*:*:*","matchCriteriaId":"82A6F259-EB06-4F31-9F68-A76F257756DC"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.10.5:s2:*:*:*:*:*:*","matchCriteriaId":"C1D1ED1A-ECD7-4068-B630-43A7646C97CD"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.11.1:p1:*:*:*:*:*:*","matchCriteriaId":"83B24247-3BEE-4338-9750-8B6DE27301E8"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","matchCriteriaId":"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","matchCriteriaId":"33C068A4-3780-4EAB-A937-6082DF847564"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","matchCriteriaId":"9BBCD86A-E6C7-4444-9D74-F861084090F0"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","matchCriteriaId":"51EF4996-72F4-4FA4-814F-F5991E7A8318"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","matchCriteriaId":"98381E61-F082-4302-B51F-5648884F998B"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","matchCriteriaId":"D99A687E-EAE6-417E-A88E-D0082BC194CD"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","matchCriteriaId":"B353CE99-D57C-465B-AAB0-73EF581127D1"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","matchCriteriaId":"A8442C20-41F9-47FD-9A12-E724D3A31FD7"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","matchCriteriaId":"9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","matchCriteriaId":"A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","matchCriteriaId":"BF77CDCF-B9C9-427D-B2BF-36650FB2148C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","matchCriteriaId":"24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","matchCriteriaId":"B76AA310-FEC7-497F-AF04-C3EC1E76C4CC"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","matchCriteriaId":"E5ED5807-55B7-47C5-97A6-03233F4FBC3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","matchCriteriaId":"825ECE2D-E232-46E0-A047-074B34DB1E97"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"DEECE5FC-CACF-4496-A3E7-164736409252"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/99339","source":"security-officer@isc.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1038809","source":"security-officer@isc.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://access.redhat.com/errata/RHSA-2017:1679","source":"security-officer@isc.org","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2017:1680","source":"security-officer@isc.org","tags":["Third Party Advisory"]},{"url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03772en_us","source":"security-officer@isc.org","tags":["Third Party Advisory"]},{"url":"https://kb.isc.org/docs/aa-01504","source":"security-officer@isc.org","tags":["Vendor Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20190830-0003/","source":"security-officer@isc.org"},{"url":"https://www.debian.org/security/2017/dsa-3904","source":"security-officer@isc.org","tags":["Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/99339","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1038809","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://access.redhat.com/errata/RHSA-2017:1679","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2017:1680","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03772en_us","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://kb.isc.org/docs/aa-01504","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20190830-0003/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.debian.org/security/2017/dsa-3904","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}