vulnerability

Oracle Solaris 11: CVE-2020-8624 (11.4 SRU 26.75.4)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:N/I:P/A:N)	Aug 21, 2020	Jan 19, 2021	Feb 17, 2022

Severity

CVSS

(AV:N/AC:L/Au:S/C:N/I:P/A:N)

Published

Aug 21, 2020

Added

Jan 19, 2021

Modified

Feb 17, 2022

Description

In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of the zone's content could abuse these unintended additional privileges to update other contents of the zone.

Solutions

oracle-solaris-11-4-upgrade-network-dns-bind-9-11-22-0-0-11-4-26-0-1-75-1oracle-solaris-11-4-upgrade-service-network-dns-bind-9-11-22-0-0-11-4-26-0-1-75-1

References

CVE-2020-8624
https://attackerkb.com/topics/CVE-2020-8624
DEBIAN-DSA-4752
URL-https://support.oracle.com/epmos/faces/DocumentDisplay?id=1448883.1&displayIndex=1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today