CVE-2021-25220

BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients.

CVSS v3 6.8 MEDIUM
CVSS v2.0 4.0 MEDIUM

6.8^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.3 / Impact : 4.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope CHANGED

4.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:N/I:P/A:N

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf	Patch Third Party Advisory
https://kb.isc.org/v1/docs/cve-2021-25220	Mitigation Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2SXT7247QTKNBQ67MNRGZD23ADXU6E5U/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5VX3I2U3ICOIEI5Y7OYA6CHOLFMNH3YQ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/API7U5E7SX7BAAVFNW366FFJGD6NZZKV/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DE3UAVCPUMAKG27ZL5YXSP2C3RIOW3JZ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYD7US4HZRFUGAJ66ZTHFBYVP5N3OQBY/
https://security.gentoo.org/glsa/202210-25	Third Party Advisory
https://security.netapp.com/advisory/ntap-20220408-0001/	Third Party Advisory
https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX-Series-Cache-poisoning-vulnerability-in-BIND-used-by-DNS-Proxy-CVE-2021-25220?language=en_US
https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf	Patch Third Party Advisory
https://kb.isc.org/v1/docs/cve-2021-25220	Mitigation Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2SXT7247QTKNBQ67MNRGZD23ADXU6E5U/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5VX3I2U3ICOIEI5Y7OYA6CHOLFMNH3YQ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/API7U5E7SX7BAAVFNW366FFJGD6NZZKV/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DE3UAVCPUMAKG27ZL5YXSP2C3RIOW3JZ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYD7US4HZRFUGAJ66ZTHFBYVP5N3OQBY/
https://security.gentoo.org/glsa/202210-25	Third Party Advisory
https://security.netapp.com/advisory/ntap-20220408-0001/	Third Party Advisory
https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX-Series-Cache-poisoning-vulnerability-in-BIND-used-by-DNS-Proxy-CVE-2021-25220?language=en_US

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:isc:bind:::::-:::*
	cpe:2.3:a:isc:bind:::::supported_preview:::*
	cpe:2.3:a:isc:bind:::::-:::*
	cpe:2.3:a:isc:bind:::::supported_preview:::*
	cpe:2.3:a:isc:bind:::::-:::*

Configuration 2 (hide)

OR	cpe:2.3:o:fedoraproject:fedora:34:::::::*
	cpe:2.3:o:fedoraproject:fedora:35:::::::*
	cpe:2.3:o:fedoraproject:fedora:36:::::::*

Configuration 3 (hide)

AND

cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

Configuration 11 (hide)

OR	cpe:2.3:a:siemens:sinec_ins::::::::
	cpe:2.3:a:siemens:sinec_ins:1.0:-::::::
	cpe:2.3:a:siemens:sinec_ins:1.0:sp1::::::

Configuration 12 (hide)

AND

OR	cpe:2.3:o:juniper:junos::::::::
	cpe:2.3:o:juniper:junos:19.3:-::::::
	cpe:2.3:o:juniper:junos:19.3:r1-s1::::::
	cpe:2.3:o:juniper:junos:19.3:r2::::::
	cpe:2.3:o:juniper:junos:19.3:r2-s1::::::
	cpe:2.3:o:juniper:junos:19.3:r2-s2::::::
	cpe:2.3:o:juniper:junos:19.3:r2-s3::::::
	cpe:2.3:o:juniper:junos:19.3:r2-s4::::::
	cpe:2.3:o:juniper:junos:19.3:r2-s5::::::
	cpe:2.3:o:juniper:junos:19.3:r2-s6::::::
	cpe:2.3:o:juniper:junos:19.3:r2-s7::::::
	cpe:2.3:o:juniper:junos:19.3:r3::::::
	cpe:2.3:o:juniper:junos:19.3:r3-s1::::::
	cpe:2.3:o:juniper:junos:19.3:r3-s2::::::
	cpe:2.3:o:juniper:junos:19.3:r3-s3::::::
	cpe:2.3:o:juniper:junos:19.3:r3-s4::::::
	cpe:2.3:o:juniper:junos:19.3:r3-s5::::::
	cpe:2.3:o:juniper:junos:19.3:r3-s6::::::
	cpe:2.3:o:juniper:junos:19.4:-::::::
	cpe:2.3:o:juniper:junos:19.4:r1::::::
	cpe:2.3:o:juniper:junos:19.4:r1-s1::::::
	cpe:2.3:o:juniper:junos:19.4:r1-s2::::::
	cpe:2.3:o:juniper:junos:19.4:r1-s3::::::
	cpe:2.3:o:juniper:junos:19.4:r1-s4::::::
	cpe:2.3:o:juniper:junos:19.4:r2::::::
	cpe:2.3:o:juniper:junos:19.4:r2-s1::::::
	cpe:2.3:o:juniper:junos:19.4:r2-s2::::::
	cpe:2.3:o:juniper:junos:19.4:r2-s3::::::
	cpe:2.3:o:juniper:junos:19.4:r2-s4::::::
	cpe:2.3:o:juniper:junos:19.4:r2-s5::::::
	cpe:2.3:o:juniper:junos:19.4:r2-s6::::::
	cpe:2.3:o:juniper:junos:19.4:r2-s7::::::
	cpe:2.3:o:juniper:junos:19.4:r3::::::
	cpe:2.3:o:juniper:junos:19.4:r3-s1::::::
	cpe:2.3:o:juniper:junos:19.4:r3-s2::::::
	cpe:2.3:o:juniper:junos:19.4:r3-s3::::::
	cpe:2.3:o:juniper:junos:19.4:r3-s4::::::
	cpe:2.3:o:juniper:junos:19.4:r3-s5::::::
	cpe:2.3:o:juniper:junos:19.4:r3-s6::::::
	cpe:2.3:o:juniper:junos:19.4:r3-s7::::::
	cpe:2.3:o:juniper:junos:19.4:r3-s8::::::
	cpe:2.3:o:juniper:junos:20.2:-::::::
	cpe:2.3:o:juniper:junos:20.2:r1::::::
	cpe:2.3:o:juniper:junos:20.2:r1-s1::::::
	cpe:2.3:o:juniper:junos:20.2:r1-s2::::::
	cpe:2.3:o:juniper:junos:20.2:r1-s3::::::
	cpe:2.3:o:juniper:junos:20.2:r2::::::
	cpe:2.3:o:juniper:junos:20.2:r2-s1::::::
	cpe:2.3:o:juniper:junos:20.2:r2-s2::::::
	cpe:2.3:o:juniper:junos:20.2:r2-s3::::::
	cpe:2.3:o:juniper:junos:20.2:r3::::::
	cpe:2.3:o:juniper:junos:20.2:r3-s1::::::
	cpe:2.3:o:juniper:junos:20.2:r3-s2::::::
	cpe:2.3:o:juniper:junos:20.2:r3-s3::::::
	cpe:2.3:o:juniper:junos:20.2:r3-s4::::::
	cpe:2.3:o:juniper:junos:20.3:-::::::
	cpe:2.3:o:juniper:junos:20.3:r1::::::
	cpe:2.3:o:juniper:junos:20.3:r1-s1::::::
	cpe:2.3:o:juniper:junos:20.3:r1-s2::::::
	cpe:2.3:o:juniper:junos:20.3:r2::::::
	cpe:2.3:o:juniper:junos:20.3:r2-s1::::::
	cpe:2.3:o:juniper:junos:20.3:r3::::::
	cpe:2.3:o:juniper:junos:20.3:r3-s1::::::
	cpe:2.3:o:juniper:junos:20.3:r3-s2::::::
cpe:2.3:o:juniper:junos:20.3:r3-s3::::::
cpe:2.3:o:juniper:junos:20.3:r3-s4::::::
cpe:2.3:o:juniper:junos:20.4:-::::::
cpe:2.3:o:juniper:junos:20.4:r1::::::
cpe:2.3:o:juniper:junos:20.4:r1-s1::::::
cpe:2.3:o:juniper:junos:20.4:r2::::::
cpe:2.3:o:juniper:junos:20.4:r2-s1::::::
cpe:2.3:o:juniper:junos:20.4:r2-s2::::::
cpe:2.3:o:juniper:junos:20.4:r3::::::
cpe:2.3:o:juniper:junos:20.4:r3-s1::::::
cpe:2.3:o:juniper:junos:20.4:r3-s2::::::
cpe:2.3:o:juniper:junos:20.4:r3-s3::::::
cpe:2.3:o:juniper:junos:20.4:r3-s4::::::
cpe:2.3:o:juniper:junos:21.1:-::::::
cpe:2.3:o:juniper:junos:21.1:r1::::::
cpe:2.3:o:juniper:junos:21.1:r1-s1::::::
cpe:2.3:o:juniper:junos:21.1:r2::::::
cpe:2.3:o:juniper:junos:21.1:r2-s1::::::
cpe:2.3:o:juniper:junos:21.1:r2-s2::::::
cpe:2.3:o:juniper:junos:21.1:r3::::::
cpe:2.3:o:juniper:junos:21.1:r3-s1::::::
cpe:2.3:o:juniper:junos:21.1:r3-s2::::::
cpe:2.3:o:juniper:junos:21.2:-::::::
cpe:2.3:o:juniper:junos:21.2:r1::::::
cpe:2.3:o:juniper:junos:21.2:r1-s1::::::
cpe:2.3:o:juniper:junos:21.2:r1-s2::::::
cpe:2.3:o:juniper:junos:21.2:r2::::::
cpe:2.3:o:juniper:junos:21.2:r2-s1::::::
cpe:2.3:o:juniper:junos:21.2:r2-s2::::::
cpe:2.3:o:juniper:junos:21.2:r3::::::
cpe:2.3:o:juniper:junos:21.2:r3-s1::::::
cpe:2.3:o:juniper:junos:21.3:-::::::
cpe:2.3:o:juniper:junos:21.3:r1::::::
cpe:2.3:o:juniper:junos:21.3:r1-s1::::::
cpe:2.3:o:juniper:junos:21.3:r1-s2::::::
cpe:2.3:o:juniper:junos:21.3:r2::::::
cpe:2.3:o:juniper:junos:21.3:r2-s1::::::
cpe:2.3:o:juniper:junos:21.3:r2-s2::::::
cpe:2.3:o:juniper:junos:21.3:r3::::::
cpe:2.3:o:juniper:junos:21.4:-::::::
cpe:2.3:o:juniper:junos:21.4:r1::::::
cpe:2.3:o:juniper:junos:21.4:r1-s1::::::
cpe:2.3:o:juniper:junos:21.4:r1-s2::::::
cpe:2.3:o:juniper:junos:21.4:r2::::::
cpe:2.3:o:juniper:junos:22.1:r1::::::
cpe:2.3:o:juniper:junos:22.1:r1-s1::::::
cpe:2.3:o:juniper:junos:22.2:r1::::::

OR	cpe:2.3:h:juniper:srx100:-:::::::*
	cpe:2.3:h:juniper:srx110:-:::::::*
	cpe:2.3:h:juniper:srx1400:-:::::::*
	cpe:2.3:h:juniper:srx1500:-:::::::*
	cpe:2.3:h:juniper:srx210:-:::::::*
	cpe:2.3:h:juniper:srx220:-:::::::*
	cpe:2.3:h:juniper:srx240:-:::::::*
	cpe:2.3:h:juniper:srx240h2:-:::::::*
	cpe:2.3:h:juniper:srx240m:-:::::::*
	cpe:2.3:h:juniper:srx300:-:::::::*
	cpe:2.3:h:juniper:srx320:-:::::::*
	cpe:2.3:h:juniper:srx340:-:::::::*
	cpe:2.3:h:juniper:srx3400:-:::::::*
	cpe:2.3:h:juniper:srx345:-:::::::*
	cpe:2.3:h:juniper:srx3600:-:::::::*
	cpe:2.3:h:juniper:srx380:-:::::::*
	cpe:2.3:h:juniper:srx4000:-:::::::*
	cpe:2.3:h:juniper:srx4100:-:::::::*
	cpe:2.3:h:juniper:srx4200:-:::::::*
	cpe:2.3:h:juniper:srx4600:-:::::::*
	cpe:2.3:h:juniper:srx5000:-:::::::*
	cpe:2.3:h:juniper:srx5400:-:::::::*
	cpe:2.3:h:juniper:srx550:-:::::::*
	cpe:2.3:h:juniper:srx550_hm:-:::::::*
	cpe:2.3:h:juniper:srx550m:-:::::::*
	cpe:2.3:h:juniper:srx5600:-:::::::*
	cpe:2.3:h:juniper:srx5800:-:::::::*
	cpe:2.3:h:juniper:srx650:-:::::::*

History

21 Nov 2024, 05:54

Type	Values Removed	Values Added
References	~~() https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf - Patch, Third Party Advisory~~	() https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf - Patch, Third Party Advisory
References	~~() https://kb.isc.org/v1/docs/cve-2021-25220 - Mitigation, Vendor Advisory~~	() https://kb.isc.org/v1/docs/cve-2021-25220 - Mitigation, Vendor Advisory
References	~~() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2SXT7247QTKNBQ67MNRGZD23ADXU6E5U/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2SXT7247QTKNBQ67MNRGZD23ADXU6E5U/ -
References	~~() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5VX3I2U3ICOIEI5Y7OYA6CHOLFMNH3YQ/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5VX3I2U3ICOIEI5Y7OYA6CHOLFMNH3YQ/ -
References	~~() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/API7U5E7SX7BAAVFNW366FFJGD6NZZKV/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/API7U5E7SX7BAAVFNW366FFJGD6NZZKV/ -
References	~~() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DE3UAVCPUMAKG27ZL5YXSP2C3RIOW3JZ/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DE3UAVCPUMAKG27ZL5YXSP2C3RIOW3JZ/ -
References	~~() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYD7US4HZRFUGAJ66ZTHFBYVP5N3OQBY/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYD7US4HZRFUGAJ66ZTHFBYVP5N3OQBY/ -
References	~~() https://security.gentoo.org/glsa/202210-25 - Third Party Advisory~~	() https://security.gentoo.org/glsa/202210-25 - Third Party Advisory
References	~~() https://security.netapp.com/advisory/ntap-20220408-0001/ - Third Party Advisory~~	() https://security.netapp.com/advisory/ntap-20220408-0001/ - Third Party Advisory
References	~~() https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX-Series-Cache-poisoning-vulnerability-in-BIND-used-by-DNS-Proxy-CVE-2021-25220?language=en_US -~~	() https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX-Series-Cache-poisoning-vulnerability-in-BIND-used-by-DNS-Proxy-CVE-2021-25220?language=en_US -

09 Nov 2023, 14:44

Type	Values Removed	Values Added
CPE	cpe:2.3:o:netapp:baseboard_management_controller_h700e_firmware:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h410s_firmware:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h300e:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h300s_firmware:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h500s_firmware:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h410c:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h410c_firmware:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h500e_firmware:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h700e:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h700s_firmware:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h500e:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h410s:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h300s:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h500s:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h700s:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h300e_firmware:-:::::::*	cpe:2.3:h:netapp:h700s:-:::::::* cpe:2.3:h:netapp:h300e:-:::::::* cpe:2.3:o:netapp:h700e_firmware:-:::::::* cpe:2.3:h:netapp:h500s:-:::::::* cpe:2.3:h:netapp:h410c:-:::::::* cpe:2.3:o:netapp:h300e_firmware:-:::::::* cpe:2.3:o:netapp:h500e_firmware:-:::::::* cpe:2.3:h:netapp:h700e:-:::::::* cpe:2.3:h:netapp:h500e:-:::::::* cpe:2.3:h:netapp:h410s:-:::::::* cpe:2.3:o:netapp:h410s_firmware:-:::::::* cpe:2.3:o:netapp:h300s_firmware:-:::::::* cpe:2.3:o:netapp:h500s_firmware:-:::::::* cpe:2.3:o:netapp:h410c_firmware:-:::::::* cpe:2.3:o:netapp:h700s_firmware:-:::::::* cpe:2.3:h:netapp:h300s:-:::::::*
First Time		Netapp h700e Firmware Netapp h500e Firmware Netapp h410c Netapp h410s Netapp h700s Netapp h300e Firmware Netapp h700s Firmware Netapp h300e Netapp h700e Netapp h410s Firmware Netapp h500e Netapp h300s Firmware Netapp h500s Firmware Netapp h300s Netapp h500s Netapp h410c Firmware

07 Nov 2023, 03:31

Type	Values Removed	Values Added
References	{'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2SXT7247QTKNBQ67MNRGZD23ADXU6E5U/', 'name': 'FEDORA-2022-05918f0838', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5VX3I2U3ICOIEI5Y7OYA6CHOLFMNH3YQ/', 'name': 'FEDORA-2022-a88218de5c', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYD7US4HZRFUGAJ66ZTHFBYVP5N3OQBY/', 'name': 'FEDORA-2022-14e36aac0c', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/API7U5E7SX7BAAVFNW366FFJGD6NZZKV/', 'name': 'FEDORA-2022-042d9c6146', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DE3UAVCPUMAKG27ZL5YXSP2C3RIOW3JZ/', 'name': 'FEDORA-2022-3f293290c3', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}	() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2SXT7247QTKNBQ67MNRGZD23ADXU6E5U/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5VX3I2U3ICOIEI5Y7OYA6CHOLFMNH3YQ/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/API7U5E7SX7BAAVFNW366FFJGD6NZZKV/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DE3UAVCPUMAKG27ZL5YXSP2C3RIOW3JZ/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYD7US4HZRFUGAJ66ZTHFBYVP5N3OQBY/ -

23 Jul 2023, 02:15

Type	Values Removed	Values Added
References		(MISC) https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX-Series-Cache-poisoning-vulnerability-in-BIND-used-by-DNS-Proxy-CVE-2021-25220?language=en_US -

16 May 2023, 10:59

Type	Values Removed	Values Added
First Time		Juniper srx220 Juniper srx650 Juniper srx4000 Juniper srx300 Juniper junos Juniper srx345 Juniper srx3600 Juniper srx210 Juniper srx1400 Juniper srx5000 Juniper srx550 Hm Juniper srx1500 Juniper srx380 Juniper srx110 Juniper srx4100 Juniper srx100 Juniper srx5600 Juniper srx340 Juniper srx550m Juniper srx550 Juniper srx240m Juniper srx4600 Juniper srx4200 Juniper srx5800 Juniper srx5400 Juniper srx320 Juniper srx240 Juniper Juniper srx240h2 Juniper srx3400
CPE		cpe:2.3:o:juniper:junos:19.4:r3-s4:::::: cpe:2.3:o:juniper:junos:19.4:r3-s5:::::: cpe:2.3:h:juniper:srx300:-:::::::* cpe:2.3:o:juniper:junos:21.1:r3-s2:::::: cpe:2.3:o:juniper:junos:19.4:r2-s5:::::: cpe:2.3:o:juniper:junos:19.3:r3-s3:::::: cpe:2.3:o:juniper:junos:19.4:r1-s1:::::: cpe:2.3:o:juniper:junos:20.3:r1-s1:::::: cpe:2.3:o:juniper:junos:21.1:r1-s1:::::: cpe:2.3:o:juniper:junos:21.2:r1-s2:::::: cpe:2.3:o:juniper:junos:19.3:r2-s6:::::: cpe:2.3:o:juniper:junos:21.2:r1:::::: cpe:2.3:h:juniper:srx4600:-:::::::* cpe:2.3:o:juniper:junos:20.4:r3-s2:::::: cpe:2.3:o:juniper:junos:20.2:r1:::::: cpe:2.3:o:juniper:junos:21.1:r3-s1:::::: cpe:2.3:h:juniper:srx320:-:::::::* cpe:2.3:o:juniper:junos:19.4:r2-s6:::::: cpe:2.3:o:juniper:junos:20.3:r2:::::: cpe:2.3:o:juniper:junos:21.1:r3:::::: cpe:2.3:o:juniper:junos:19.4:r2:::::: cpe:2.3:o:juniper:junos:19.4:-:::::: cpe:2.3:o:juniper:junos:20.4:r3-s4:::::: cpe:2.3:h:juniper:srx5600:-:::::::* cpe:2.3:o:juniper:junos:21.3:r3:::::: cpe:2.3:o:juniper:junos:19.4:r2-s3:::::: cpe:2.3:o:juniper:junos:20.4:r2:::::: cpe:2.3:o:juniper:junos:19.3:r3-s2:::::: cpe:2.3:o:juniper:junos:21.3:r1:::::: cpe:2.3:o:juniper:junos:19.3:-:::::: cpe:2.3:o:juniper:junos:19.4:r3-s1:::::: cpe:2.3:o:juniper:junos:19.4:r2-s1:::::: cpe:2.3:o:juniper:junos:20.3:r3-s2:::::: cpe:2.3:o:juniper:junos:20.2:-:::::: cpe:2.3:h:juniper:srx340:-:::::::* cpe:2.3:o:juniper:junos:20.2:r2-s2:::::: cpe:2.3:h:juniper:srx4000:-:::::::* cpe:2.3:h:juniper:srx5000:-:::::::* cpe:2.3:o:juniper:junos:19.4:r1-s3:::::: cpe:2.3:h:juniper:srx380:-:::::::* cpe:2.3:h:juniper:srx240h2:-:::::::* cpe:2.3:o:juniper:junos:19.4:r3-s2:::::: cpe:2.3:o:juniper:junos:19.3:r2-s4:::::: cpe:2.3:o:juniper:junos:20.2:r2-s3:::::: cpe:2.3:o:juniper:junos:21.1:r2-s2:::::: cpe:2.3:o:juniper:junos:21.1:r1:::::: cpe:2.3:o:juniper:junos:19.4:r1:::::: cpe:2.3:o:juniper:junos:20.4:r1-s1:::::: cpe:2.3:h:juniper:srx4200:-:::::::* cpe:2.3:o:juniper:junos:21.4:r1-s2:::::: cpe:2.3:h:juniper:srx550:-:::::::* cpe:2.3:o:juniper:junos:20.2:r1-s2:::::: cpe:2.3:o:juniper:junos:19.3:r3-s4:::::: cpe:2.3:o:juniper:junos:21.3:r1-s2:::::: cpe:2.3:o:juniper:junos:19.3:r2-s1:::::: cpe:2.3:o:juniper:junos:21.2:r1-s1:::::: cpe:2.3:o:juniper:junos:21.3:r2-s1:::::: cpe:2.3:o:juniper:junos:19.4:r2-s4:::::: cpe:2.3:o:juniper:junos:20.3:r3-s1:::::: cpe:2.3:o:juniper:junos:21.2:r2-s2:::::: cpe:2.3:o:juniper:junos:20.2:r3-s2:::::: cpe:2.3:o:juniper:junos:20.4:r1:::::: cpe:2.3:o:juniper:junos:20.3:r1:::::: cpe:2.3:o:juniper:junos:21.2:r2:::::: cpe:2.3:o:juniper:junos:21.2:r3-s1:::::: cpe:2.3:h:juniper:srx240m:-:::::::* cpe:2.3:h:juniper:srx220:-:::::::* cpe:2.3:o:juniper:junos:20.2:r1-s3:::::: cpe:2.3:o:juniper:junos:21.2:r3:::::: cpe:2.3:o:juniper:junos:19.3:r1-s1:::::: cpe:2.3:o:juniper:junos:20.4:r3:::::: cpe:2.3:o:juniper:junos:::::::: cpe:2.3:o:juniper:junos:19.3:r3-s1:::::: cpe:2.3:o:juniper:junos:22.1:r1-s1:::::: cpe:2.3:o:juniper:junos:19.4:r3-s7:::::: cpe:2.3:o:juniper:junos:20.2:r3:::::: cpe:2.3:h:juniper:srx1500:-:::::::* cpe:2.3:h:juniper:srx3600:-:::::::* cpe:2.3:h:juniper:srx3400:-:::::::* cpe:2.3:o:juniper:junos:20.3:r3:::::: cpe:2.3:o:juniper:junos:20.2:r2-s1:::::: cpe:2.3:h:juniper:srx1400:-:::::::* cpe:2.3:o:juniper:junos:21.3:r2-s2:::::: cpe:2.3:o:juniper:junos:19.4:r2-s7:::::: cpe:2.3:o:juniper:junos:21.1:-:::::: cpe:2.3:o:juniper:junos:20.2:r2:::::: cpe:2.3:h:juniper:srx100:-:::::::* cpe:2.3:o:juniper:junos:22.2:r1:::::: cpe:2.3:h:juniper:srx4100:-:::::::* cpe:2.3:o:juniper:junos:19.3:r3-s6:::::: cpe:2.3:o:juniper:junos:21.2:-:::::: cpe:2.3:o:juniper:junos:22.1:r1:::::: cpe:2.3:h:juniper:srx650:-:::::::* cpe:2.3:o:juniper:junos:20.4:r3-s3:::::: cpe:2.3:h:juniper:srx5800:-:::::::* cpe:2.3:o:juniper:junos:20.3:r3-s4:::::: cpe:2.3:h:juniper:srx550m:-:::::::* cpe:2.3:o:juniper:junos:19.4:r1-s2:::::: cpe:2.3:o:juniper:junos:20.2:r3-s1:::::: cpe:2.3:o:juniper:junos:21.1:r2:::::: cpe:2.3:o:juniper:junos:19.3:r3-s5:::::: cpe:2.3:o:juniper:junos:21.4:r2:::::: cpe:2.3:o:juniper:junos:20.2:r1-s1:::::: cpe:2.3:o:juniper:junos:20.3:r3-s3:::::: cpe:2.3:o:juniper:junos:19.3:r2:::::: cpe:2.3:o:juniper:junos:21.3:-:::::: cpe:2.3:o:juniper:junos:19.3:r2-s5:::::: cpe:2.3:o:juniper:junos:19.3:r2-s7:::::: cpe:2.3:o:juniper:junos:21.4:r1:::::: cpe:2.3:o:juniper:junos:19.3:r3:::::: cpe:2.3:o:juniper:junos:19.4:r3-s3:::::: cpe:2.3:o:juniper:junos:21.4:-:::::: cpe:2.3:h:juniper:srx210:-:::::::* cpe:2.3:h:juniper:srx5400:-:::::::* cpe:2.3:h:juniper:srx550_hm:-:::::::* cpe:2.3:o:juniper:junos:20.3:r2-s1:::::: cpe:2.3:o:juniper:junos:21.4:r1-s1:::::: cpe:2.3:o:juniper:junos:19.3:r2-s2:::::: cpe:2.3:o:juniper:junos:19.4:r3:::::: cpe:2.3:o:juniper:junos:21.3:r1-s1:::::: cpe:2.3:o:juniper:junos:20.2:r3-s3:::::: cpe:2.3:h:juniper:srx345:-:::::::* cpe:2.3:o:juniper:junos:19.4:r1-s4:::::: cpe:2.3:o:juniper:junos:19.4:r3-s6:::::: cpe:2.3:o:juniper:junos:20.2:r3-s4:::::: cpe:2.3:o:juniper:junos:20.4:r2-s2:::::: cpe:2.3:o:juniper:junos:19.3:r2-s3:::::: cpe:2.3:o:juniper:junos:21.2:r2-s1:::::: cpe:2.3:o:juniper:junos:19.4:r2-s2:::::: cpe:2.3:o:juniper:junos:21.1:r2-s1:::::: cpe:2.3:o:juniper:junos:21.3:r2:::::: cpe:2.3:o:juniper:junos:19.4:r3-s8:::::: cpe:2.3:o:juniper:junos:20.3:-:::::: cpe:2.3:h:juniper:srx240:-:::::::* cpe:2.3:o:juniper:junos:20.4:r3-s1:::::: cpe:2.3:h:juniper:srx110:-:::::::* cpe:2.3:o:juniper:junos:20.3:r1-s2:::::: cpe:2.3:o:juniper:junos:20.4:r2-s1:::::: cpe:2.3:o:juniper:junos:20.4:-::::::

Information

Published : 2022-03-23 13:15

Updated : 2024-11-21 05:54

NVD link : CVE-2021-25220

Mitre link : CVE-2021-25220

CVE.ORG link : CVE-2021-25220

JSON object : View

Products Affected

juniper

srx5400
srx4600
srx4200
junos
srx300
srx240h2
srx5800
srx5600
srx240
srx210
srx5000
srx220
srx110
srx1400
srx240m
srx320
srx4000
srx345
srx650
srx3600
srx1500
srx4100
srx340
srx3400
srx100
srx550m
srx380
srx550_hm
srx550

netapp

h700e_firmware
h500s_firmware
h410c_firmware
h500s
h700s
h500e_firmware
h410c
h410s_firmware
h700e
h700s_firmware
h300s
h300e_firmware
h500e
h300s_firmware
h410s
h300e

isc

bind

siemens

sinec_ins

fedoraproject

fedora

CWE

CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

6.8 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope CHANGED

4.0 /10

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

JSON object

Attach tags to CVE-2021-25220

6.8^/10

4.0^/10

Attach tags to `CVE-2021-25220`