CVE-2021-25220

BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients.

CVSS v3 6.8 MEDIUM
CVSS v2.0 4.0 MEDIUM

6.8^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.3 / Impact : 4.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope CHANGED

4.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:N/I:P/A:N

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf	Patch Third Party Advisory
https://kb.isc.org/v1/docs/cve-2021-25220	Mitigation Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2SXT7247QTKNBQ67MNRGZD23ADXU6E5U/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5VX3I2U3ICOIEI5Y7OYA6CHOLFMNH3YQ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/API7U5E7SX7BAAVFNW366FFJGD6NZZKV/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DE3UAVCPUMAKG27ZL5YXSP2C3RIOW3JZ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYD7US4HZRFUGAJ66ZTHFBYVP5N3OQBY/
https://security.gentoo.org/glsa/202210-25	Third Party Advisory
https://security.netapp.com/advisory/ntap-20220408-0001/	Third Party Advisory
https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX-Series-Cache-poisoning-vulnerability-in-BIND-used-by-DNS-Proxy-CVE-2021-25220?language=en_US
https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf	Patch Third Party Advisory
https://kb.isc.org/v1/docs/cve-2021-25220	Mitigation Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2SXT7247QTKNBQ67MNRGZD23ADXU6E5U/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5VX3I2U3ICOIEI5Y7OYA6CHOLFMNH3YQ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/API7U5E7SX7BAAVFNW366FFJGD6NZZKV/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DE3UAVCPUMAKG27ZL5YXSP2C3RIOW3JZ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYD7US4HZRFUGAJ66ZTHFBYVP5N3OQBY/
https://security.gentoo.org/glsa/202210-25	Third Party Advisory
https://security.netapp.com/advisory/ntap-20220408-0001/	Third Party Advisory
https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX-Series-Cache-poisoning-vulnerability-in-BIND-used-by-DNS-Proxy-CVE-2021-25220?language=en_US

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:isc:bind:::::-:::*
	cpe:2.3:a:isc:bind:::::supported_preview:::*
	cpe:2.3:a:isc:bind:::::-:::*
	cpe:2.3:a:isc:bind:::::supported_preview:::*
	cpe:2.3:a:isc:bind:::::-:::*

Configuration 2 (hide)

OR	cpe:2.3:o:fedoraproject:fedora:34:::::::*
	cpe:2.3:o:fedoraproject:fedora:35:::::::*
	cpe:2.3:o:fedoraproject:fedora:36:::::::*

Configuration 3 (hide)

AND

cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

Configuration 11 (hide)

OR	cpe:2.3:a:siemens:sinec_ins::::::::
	cpe:2.3:a:siemens:sinec_ins:1.0:-::::::
	cpe:2.3:a:siemens:sinec_ins:1.0:sp1::::::

Configuration 12 (hide)

AND

OR	cpe:2.3:o:juniper:junos::::::::
	cpe:2.3:o:juniper:junos:19.3:-::::::
	cpe:2.3:o:juniper:junos:19.3:r1-s1::::::
	cpe:2.3:o:juniper:junos:19.3:r2::::::
	cpe:2.3:o:juniper:junos:19.3:r2-s1::::::
	cpe:2.3:o:juniper:junos:19.3:r2-s2::::::
	cpe:2.3:o:juniper:junos:19.3:r2-s3::::::
	cpe:2.3:o:juniper:junos:19.3:r2-s4::::::
	cpe:2.3:o:juniper:junos:19.3:r2-s5::::::
	cpe:2.3:o:juniper:junos:19.3:r2-s6::::::
	cpe:2.3:o:juniper:junos:19.3:r2-s7::::::
	cpe:2.3:o:juniper:junos:19.3:r3::::::
	cpe:2.3:o:juniper:junos:19.3:r3-s1::::::
	cpe:2.3:o:juniper:junos:19.3:r3-s2::::::
	cpe:2.3:o:juniper:junos:19.3:r3-s3::::::
	cpe:2.3:o:juniper:junos:19.3:r3-s4::::::
	cpe:2.3:o:juniper:junos:19.3:r3-s5::::::
	cpe:2.3:o:juniper:junos:19.3:r3-s6::::::
	cpe:2.3:o:juniper:junos:19.4:-::::::
	cpe:2.3:o:juniper:junos:19.4:r1::::::
	cpe:2.3:o:juniper:junos:19.4:r1-s1::::::
	cpe:2.3:o:juniper:junos:19.4:r1-s2::::::
	cpe:2.3:o:juniper:junos:19.4:r1-s3::::::
	cpe:2.3:o:juniper:junos:19.4:r1-s4::::::
	cpe:2.3:o:juniper:junos:19.4:r2::::::
	cpe:2.3:o:juniper:junos:19.4:r2-s1::::::
	cpe:2.3:o:juniper:junos:19.4:r2-s2::::::
	cpe:2.3:o:juniper:junos:19.4:r2-s3::::::
	cpe:2.3:o:juniper:junos:19.4:r2-s4::::::
	cpe:2.3:o:juniper:junos:19.4:r2-s5::::::
	cpe:2.3:o:juniper:junos:19.4:r2-s6::::::
	cpe:2.3:o:juniper:junos:19.4:r2-s7::::::
	cpe:2.3:o:juniper:junos:19.4:r3::::::
	cpe:2.3:o:juniper:junos:19.4:r3-s1::::::
	cpe:2.3:o:juniper:junos:19.4:r3-s2::::::
	cpe:2.3:o:juniper:junos:19.4:r3-s3::::::
	cpe:2.3:o:juniper:junos:19.4:r3-s4::::::
	cpe:2.3:o:juniper:junos:19.4:r3-s5::::::
	cpe:2.3:o:juniper:junos:19.4:r3-s6::::::
	cpe:2.3:o:juniper:junos:19.4:r3-s7::::::
	cpe:2.3:o:juniper:junos:19.4:r3-s8::::::
	cpe:2.3:o:juniper:junos:20.2:-::::::
	cpe:2.3:o:juniper:junos:20.2:r1::::::
	cpe:2.3:o:juniper:junos:20.2:r1-s1::::::
	cpe:2.3:o:juniper:junos:20.2:r1-s2::::::
	cpe:2.3:o:juniper:junos:20.2:r1-s3::::::
	cpe:2.3:o:juniper:junos:20.2:r2::::::
	cpe:2.3:o:juniper:junos:20.2:r2-s1::::::
	cpe:2.3:o:juniper:junos:20.2:r2-s2::::::
	cpe:2.3:o:juniper:junos:20.2:r2-s3::::::
	cpe:2.3:o:juniper:junos:20.2:r3::::::
	cpe:2.3:o:juniper:junos:20.2:r3-s1::::::
	cpe:2.3:o:juniper:junos:20.2:r3-s2::::::
	cpe:2.3:o:juniper:junos:20.2:r3-s3::::::
	cpe:2.3:o:juniper:junos:20.2:r3-s4::::::
	cpe:2.3:o:juniper:junos:20.3:-::::::
	cpe:2.3:o:juniper:junos:20.3:r1::::::
	cpe:2.3:o:juniper:junos:20.3:r1-s1::::::
	cpe:2.3:o:juniper:junos:20.3:r1-s2::::::
	cpe:2.3:o:juniper:junos:20.3:r2::::::
	cpe:2.3:o:juniper:junos:20.3:r2-s1::::::
	cpe:2.3:o:juniper:junos:20.3:r3::::::
	cpe:2.3:o:juniper:junos:20.3:r3-s1::::::
	cpe:2.3:o:juniper:junos:20.3:r3-s2::::::
cpe:2.3:o:juniper:junos:20.3:r3-s3::::::
cpe:2.3:o:juniper:junos:20.3:r3-s4::::::
cpe:2.3:o:juniper:junos:20.4:-::::::
cpe:2.3:o:juniper:junos:20.4:r1::::::
cpe:2.3:o:juniper:junos:20.4:r1-s1::::::
cpe:2.3:o:juniper:junos:20.4:r2::::::
cpe:2.3:o:juniper:junos:20.4:r2-s1::::::
cpe:2.3:o:juniper:junos:20.4:r2-s2::::::
cpe:2.3:o:juniper:junos:20.4:r3::::::
cpe:2.3:o:juniper:junos:20.4:r3-s1::::::
cpe:2.3:o:juniper:junos:20.4:r3-s2::::::
cpe:2.3:o:juniper:junos:20.4:r3-s3::::::
cpe:2.3:o:juniper:junos:20.4:r3-s4::::::
cpe:2.3:o:juniper:junos:21.1:-::::::
cpe:2.3:o:juniper:junos:21.1:r1::::::
cpe:2.3:o:juniper:junos:21.1:r1-s1::::::
cpe:2.3:o:juniper:junos:21.1:r2::::::
cpe:2.3:o:juniper:junos:21.1:r2-s1::::::
cpe:2.3:o:juniper:junos:21.1:r2-s2::::::
cpe:2.3:o:juniper:junos:21.1:r3::::::
cpe:2.3:o:juniper:junos:21.1:r3-s1::::::
cpe:2.3:o:juniper:junos:21.1:r3-s2::::::
cpe:2.3:o:juniper:junos:21.2:-::::::
cpe:2.3:o:juniper:junos:21.2:r1::::::
cpe:2.3:o:juniper:junos:21.2:r1-s1::::::
cpe:2.3:o:juniper:junos:21.2:r1-s2::::::
cpe:2.3:o:juniper:junos:21.2:r2::::::
cpe:2.3:o:juniper:junos:21.2:r2-s1::::::
cpe:2.3:o:juniper:junos:21.2:r2-s2::::::
cpe:2.3:o:juniper:junos:21.2:r3::::::
cpe:2.3:o:juniper:junos:21.2:r3-s1::::::
cpe:2.3:o:juniper:junos:21.3:-::::::
cpe:2.3:o:juniper:junos:21.3:r1::::::
cpe:2.3:o:juniper:junos:21.3:r1-s1::::::
cpe:2.3:o:juniper:junos:21.3:r1-s2::::::
cpe:2.3:o:juniper:junos:21.3:r2::::::
cpe:2.3:o:juniper:junos:21.3:r2-s1::::::
cpe:2.3:o:juniper:junos:21.3:r2-s2::::::
cpe:2.3:o:juniper:junos:21.3:r3::::::
cpe:2.3:o:juniper:junos:21.4:-::::::
cpe:2.3:o:juniper:junos:21.4:r1::::::
cpe:2.3:o:juniper:junos:21.4:r1-s1::::::
cpe:2.3:o:juniper:junos:21.4:r1-s2::::::
cpe:2.3:o:juniper:junos:21.4:r2::::::
cpe:2.3:o:juniper:junos:22.1:r1::::::
cpe:2.3:o:juniper:junos:22.1:r1-s1::::::
cpe:2.3:o:juniper:junos:22.2:r1::::::

OR	cpe:2.3:h:juniper:srx100:-:::::::*
	cpe:2.3:h:juniper:srx110:-:::::::*
	cpe:2.3:h:juniper:srx1400:-:::::::*
	cpe:2.3:h:juniper:srx1500:-:::::::*
	cpe:2.3:h:juniper:srx210:-:::::::*
	cpe:2.3:h:juniper:srx220:-:::::::*
	cpe:2.3:h:juniper:srx240:-:::::::*
	cpe:2.3:h:juniper:srx240h2:-:::::::*
	cpe:2.3:h:juniper:srx240m:-:::::::*
	cpe:2.3:h:juniper:srx300:-:::::::*
	cpe:2.3:h:juniper:srx320:-:::::::*
	cpe:2.3:h:juniper:srx340:-:::::::*
	cpe:2.3:h:juniper:srx3400:-:::::::*
	cpe:2.3:h:juniper:srx345:-:::::::*
	cpe:2.3:h:juniper:srx3600:-:::::::*
	cpe:2.3:h:juniper:srx380:-:::::::*
	cpe:2.3:h:juniper:srx4000:-:::::::*
	cpe:2.3:h:juniper:srx4100:-:::::::*
	cpe:2.3:h:juniper:srx4200:-:::::::*
	cpe:2.3:h:juniper:srx4600:-:::::::*
	cpe:2.3:h:juniper:srx5000:-:::::::*
	cpe:2.3:h:juniper:srx5400:-:::::::*
	cpe:2.3:h:juniper:srx550:-:::::::*
	cpe:2.3:h:juniper:srx550_hm:-:::::::*
	cpe:2.3:h:juniper:srx550m:-:::::::*
	cpe:2.3:h:juniper:srx5600:-:::::::*
	cpe:2.3:h:juniper:srx5800:-:::::::*
	cpe:2.3:h:juniper:srx650:-:::::::*

History

21 Nov 2024, 05:54

Type	Values Removed	Values Added
References	~~() https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf - Patch, Third Party Advisory~~	() https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf - Patch, Third Party Advisory
References	~~() https://kb.isc.org/v1/docs/cve-2021-25220 - Mitigation, Vendor Advisory~~	() https://kb.isc.org/v1/docs/cve-2021-25220 - Mitigation, Vendor Advisory
References	~~() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2SXT7247QTKNBQ67MNRGZD23ADXU6E5U/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2SXT7247QTKNBQ67MNRGZD23ADXU6E5U/ -
References	~~() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5VX3I2U3ICOIEI5Y7OYA6CHOLFMNH3YQ/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5VX3I2U3ICOIEI5Y7OYA6CHOLFMNH3YQ/ -
References	~~() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/API7U5E7SX7BAAVFNW366FFJGD6NZZKV/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/API7U5E7SX7BAAVFNW366FFJGD6NZZKV/ -
References	~~() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DE3UAVCPUMAKG27ZL5YXSP2C3RIOW3JZ/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DE3UAVCPUMAKG27ZL5YXSP2C3RIOW3JZ/ -
References	~~() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYD7US4HZRFUGAJ66ZTHFBYVP5N3OQBY/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYD7US4HZRFUGAJ66ZTHFBYVP5N3OQBY/ -
References	~~() https://security.gentoo.org/glsa/202210-25 - Third Party Advisory~~	() https://security.gentoo.org/glsa/202210-25 - Third Party Advisory
References	~~() https://security.netapp.com/advisory/ntap-20220408-0001/ - Third Party Advisory~~	() https://security.netapp.com/advisory/ntap-20220408-0001/ - Third Party Advisory
References	~~() https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX-Series-Cache-poisoning-vulnerability-in-BIND-used-by-DNS-Proxy-CVE-2021-25220?language=en_US -~~	() https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX-Series-Cache-poisoning-vulnerability-in-BIND-used-by-DNS-Proxy-CVE-2021-25220?language=en_US -

09 Nov 2023, 14:44

Type	Values Removed	Values Added
CPE	cpe:2.3:o:netapp:baseboard_management_controller_h700e_firmware:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h410s_firmware:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h300e:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h300s_firmware:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h500s_firmware:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h410c:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h410c_firmware:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h500e_firmware:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h700e:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h700s_firmware:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h500e:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h410s:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h300s:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h500s:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h700s:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h300e_firmware:-:::::::*	cpe:2.3:h:netapp:h700s:-:::::::* cpe:2.3:h:netapp:h300e:-:::::::* cpe:2.3:o:netapp:h700e_firmware:-:::::::* cpe:2.3:h:netapp:h500s:-:::::::* cpe:2.3:h:netapp:h410c:-:::::::* cpe:2.3:o:netapp:h300e_firmware:-:::::::* cpe:2.3:o:netapp:h500e_firmware:-:::::::* cpe:2.3:h:netapp:h700e:-:::::::* cpe:2.3:h:netapp:h500e:-:::::::* cpe:2.3:h:netapp:h410s:-:::::::* cpe:2.3:o:netapp:h410s_firmware:-:::::::* cpe:2.3:o:netapp:h300s_firmware:-:::::::* cpe:2.3:o:netapp:h500s_firmware:-:::::::* cpe:2.3:o:netapp:h410c_firmware:-:::::::* cpe:2.3:o:netapp:h700s_firmware:-:::::::* cpe:2.3:h:netapp:h300s:-:::::::*
First Time		Netapp h700e Firmware Netapp h500e Firmware Netapp h410c Netapp h410s Netapp h700s Netapp h300e Firmware Netapp h700s Firmware Netapp h300e Netapp h700e Netapp h410s Firmware Netapp h500e Netapp h300s Firmware Netapp h500s Firmware Netapp h300s Netapp h500s Netapp h410c Firmware

07 Nov 2023, 03:31

Type	Values Removed	Values Added
References	{'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2SXT7247QTKNBQ67MNRGZD23ADXU6E5U/', 'name': 'FEDORA-2022-05918f0838', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5VX3I2U3ICOIEI5Y7OYA6CHOLFMNH3YQ/', 'name': 'FEDORA-2022-a88218de5c', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYD7US4HZRFUGAJ66ZTHFBYVP5N3OQBY/', 'name': 'FEDORA-2022-14e36aac0c', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/API7U5E7SX7BAAVFNW366FFJGD6NZZKV/', 'name': 'FEDORA-2022-042d9c6146', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DE3UAVCPUMAKG27ZL5YXSP2C3RIOW3JZ/', 'name': 'FEDORA-2022-3f293290c3', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}	() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2SXT7247QTKNBQ67MNRGZD23ADXU6E5U/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5VX3I2U3ICOIEI5Y7OYA6CHOLFMNH3YQ/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/API7U5E7SX7BAAVFNW366FFJGD6NZZKV/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DE3UAVCPUMAKG27ZL5YXSP2C3RIOW3JZ/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYD7US4HZRFUGAJ66ZTHFBYVP5N3OQBY/ -

23 Jul 2023, 02:15

Type	Values Removed	Values Added
References		(MISC) https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX-Series-Cache-poisoning-vulnerability-in-BIND-used-by-DNS-Proxy-CVE-2021-25220?language=en_US -

16 May 2023, 10:59

Type	Values Removed	Values Added
First Time		Juniper srx220 Juniper srx650 Juniper srx4000 Juniper srx300 Juniper junos Juniper srx345 Juniper srx3600 Juniper srx210 Juniper srx1400 Juniper srx5000 Juniper srx550 Hm Juniper srx1500 Juniper srx380 Juniper srx110 Juniper srx4100 Juniper srx100 Juniper srx5600 Juniper srx340 Juniper srx550m Juniper srx550 Juniper srx240m Juniper srx4600 Juniper srx4200 Juniper srx5800 Juniper srx5400 Juniper srx320 Juniper srx240 Juniper Juniper srx240h2 Juniper srx3400
CPE		cpe:2.3:o:juniper:junos:19.4:r3-s4:::::: cpe:2.3:o:juniper:junos:19.4:r3-s5:::::: cpe:2.3:h:juniper:srx300:-:::::::* cpe:2.3:o:juniper:junos:21.1:r3-s2:::::: cpe:2.3:o:juniper:junos:19.4:r2-s5:::::: cpe:2.3:o:juniper:junos:19.3:r3-s3:::::: cpe:2.3:o:juniper:junos:19.4:r1-s1:::::: cpe:2.3:o:juniper:junos:20.3:r1-s1:::::: cpe:2.3:o:juniper:junos:21.1:r1-s1:::::: cpe:2.3:o:juniper:junos:21.2:r1-s2:::::: cpe:2.3:o:juniper:junos:19.3:r2-s6:::::: cpe:2.3:o:juniper:junos:21.2:r1:::::: cpe:2.3:h:juniper:srx4600:-:::::::* cpe:2.3:o:juniper:junos:20.4:r3-s2:::::: cpe:2.3:o:juniper:junos:20.2:r1:::::: cpe:2.3:o:juniper:junos:21.1:r3-s1:::::: cpe:2.3:h:juniper:srx320:-:::::::* cpe:2.3:o:juniper:junos:19.4:r2-s6:::::: cpe:2.3:o:juniper:junos:20.3:r2:::::: cpe:2.3:o:juniper:junos:21.1:r3:::::: cpe:2.3:o:juniper:junos:19.4:r2:::::: cpe:2.3:o:juniper:junos:19.4:-:::::: cpe:2.3:o:juniper:junos:20.4:r3-s4:::::: cpe:2.3:h:juniper:srx5600:-:::::::* cpe:2.3:o:juniper:junos:21.3:r3:::::: cpe:2.3:o:juniper:junos:19.4:r2-s3:::::: cpe:2.3:o:juniper:junos:20.4:r2:::::: cpe:2.3:o:juniper:junos:19.3:r3-s2:::::: cpe:2.3:o:juniper:junos:21.3:r1:::::: cpe:2.3:o:juniper:junos:19.3:-:::::: cpe:2.3:o:juniper:junos:19.4:r3-s1:::::: cpe:2.3:o:juniper:junos:19.4:r2-s1:::::: cpe:2.3:o:juniper:junos:20.3:r3-s2:::::: cpe:2.3:o:juniper:junos:20.2:-:::::: cpe:2.3:h:juniper:srx340:-:::::::* cpe:2.3:o:juniper:junos:20.2:r2-s2:::::: cpe:2.3:h:juniper:srx4000:-:::::::* cpe:2.3:h:juniper:srx5000:-:::::::* cpe:2.3:o:juniper:junos:19.4:r1-s3:::::: cpe:2.3:h:juniper:srx380:-:::::::* cpe:2.3:h:juniper:srx240h2:-:::::::* cpe:2.3:o:juniper:junos:19.4:r3-s2:::::: cpe:2.3:o:juniper:junos:19.3:r2-s4:::::: cpe:2.3:o:juniper:junos:20.2:r2-s3:::::: cpe:2.3:o:juniper:junos:21.1:r2-s2:::::: cpe:2.3:o:juniper:junos:21.1:r1:::::: cpe:2.3:o:juniper:junos:19.4:r1:::::: cpe:2.3:o:juniper:junos:20.4:r1-s1:::::: cpe:2.3:h:juniper:srx4200:-:::::::* cpe:2.3:o:juniper:junos:21.4:r1-s2:::::: cpe:2.3:h:juniper:srx550:-:::::::* cpe:2.3:o:juniper:junos:20.2:r1-s2:::::: cpe:2.3:o:juniper:junos:19.3:r3-s4:::::: cpe:2.3:o:juniper:junos:21.3:r1-s2:::::: cpe:2.3:o:juniper:junos:19.3:r2-s1:::::: cpe:2.3:o:juniper:junos:21.2:r1-s1:::::: cpe:2.3:o:juniper:junos:21.3:r2-s1:::::: cpe:2.3:o:juniper:junos:19.4:r2-s4:::::: cpe:2.3:o:juniper:junos:20.3:r3-s1:::::: cpe:2.3:o:juniper:junos:21.2:r2-s2:::::: cpe:2.3:o:juniper:junos:20.2:r3-s2:::::: cpe:2.3:o:juniper:junos:20.4:r1:::::: cpe:2.3:o:juniper:junos:20.3:r1:::::: cpe:2.3:o:juniper:junos:21.2:r2:::::: cpe:2.3:o:juniper:junos:21.2:r3-s1:::::: cpe:2.3:h:juniper:srx240m:-:::::::* cpe:2.3:h:juniper:srx220:-:::::::* cpe:2.3:o:juniper:junos:20.2:r1-s3:::::: cpe:2.3:o:juniper:junos:21.2:r3:::::: cpe:2.3:o:juniper:junos:19.3:r1-s1:::::: cpe:2.3:o:juniper:junos:20.4:r3:::::: cpe:2.3:o:juniper:junos:::::::: cpe:2.3:o:juniper:junos:19.3:r3-s1:::::: cpe:2.3:o:juniper:junos:22.1:r1-s1:::::: cpe:2.3:o:juniper:junos:19.4:r3-s7:::::: cpe:2.3:o:juniper:junos:20.2:r3:::::: cpe:2.3:h:juniper:srx1500:-:::::::* cpe:2.3:h:juniper:srx3600:-:::::::* cpe:2.3:h:juniper:srx3400:-:::::::* cpe:2.3:o:juniper:junos:20.3:r3:::::: cpe:2.3:o:juniper:junos:20.2:r2-s1:::::: cpe:2.3:h:juniper:srx1400:-:::::::* cpe:2.3:o:juniper:junos:21.3:r2-s2:::::: cpe:2.3:o:juniper:junos:19.4:r2-s7:::::: cpe:2.3:o:juniper:junos:21.1:-:::::: cpe:2.3:o:juniper:junos:20.2:r2:::::: cpe:2.3:h:juniper:srx100:-:::::::* cpe:2.3:o:juniper:junos:22.2:r1:::::: cpe:2.3:h:juniper:srx4100:-:::::::* cpe:2.3:o:juniper:junos:19.3:r3-s6:::::: cpe:2.3:o:juniper:junos:21.2:-:::::: cpe:2.3:o:juniper:junos:22.1:r1:::::: cpe:2.3:h:juniper:srx650:-:::::::* cpe:2.3:o:juniper:junos:20.4:r3-s3:::::: cpe:2.3:h:juniper:srx5800:-:::::::* cpe:2.3:o:juniper:junos:20.3:r3-s4:::::: cpe:2.3:h:juniper:srx550m:-:::::::* cpe:2.3:o:juniper:junos:19.4:r1-s2:::::: cpe:2.3:o:juniper:junos:20.2:r3-s1:::::: cpe:2.3:o:juniper:junos:21.1:r2:::::: cpe:2.3:o:juniper:junos:19.3:r3-s5:::::: cpe:2.3:o:juniper:junos:21.4:r2:::::: cpe:2.3:o:juniper:junos:20.2:r1-s1:::::: cpe:2.3:o:juniper:junos:20.3:r3-s3:::::: cpe:2.3:o:juniper:junos:19.3:r2:::::: cpe:2.3:o:juniper:junos:21.3:-:::::: cpe:2.3:o:juniper:junos:19.3:r2-s5:::::: cpe:2.3:o:juniper:junos:19.3:r2-s7:::::: cpe:2.3:o:juniper:junos:21.4:r1:::::: cpe:2.3:o:juniper:junos:19.3:r3:::::: cpe:2.3:o:juniper:junos:19.4:r3-s3:::::: cpe:2.3:o:juniper:junos:21.4:-:::::: cpe:2.3:h:juniper:srx210:-:::::::* cpe:2.3:h:juniper:srx5400:-:::::::* cpe:2.3:h:juniper:srx550_hm:-:::::::* cpe:2.3:o:juniper:junos:20.3:r2-s1:::::: cpe:2.3:o:juniper:junos:21.4:r1-s1:::::: cpe:2.3:o:juniper:junos:19.3:r2-s2:::::: cpe:2.3:o:juniper:junos:19.4:r3:::::: cpe:2.3:o:juniper:junos:21.3:r1-s1:::::: cpe:2.3:o:juniper:junos:20.2:r3-s3:::::: cpe:2.3:h:juniper:srx345:-:::::::* cpe:2.3:o:juniper:junos:19.4:r1-s4:::::: cpe:2.3:o:juniper:junos:19.4:r3-s6:::::: cpe:2.3:o:juniper:junos:20.2:r3-s4:::::: cpe:2.3:o:juniper:junos:20.4:r2-s2:::::: cpe:2.3:o:juniper:junos:19.3:r2-s3:::::: cpe:2.3:o:juniper:junos:21.2:r2-s1:::::: cpe:2.3:o:juniper:junos:19.4:r2-s2:::::: cpe:2.3:o:juniper:junos:21.1:r2-s1:::::: cpe:2.3:o:juniper:junos:21.3:r2:::::: cpe:2.3:o:juniper:junos:19.4:r3-s8:::::: cpe:2.3:o:juniper:junos:20.3:-:::::: cpe:2.3:h:juniper:srx240:-:::::::* cpe:2.3:o:juniper:junos:20.4:r3-s1:::::: cpe:2.3:h:juniper:srx110:-:::::::* cpe:2.3:o:juniper:junos:20.3:r1-s2:::::: cpe:2.3:o:juniper:junos:20.4:r2-s1:::::: cpe:2.3:o:juniper:junos:20.4:-::::::

Information

Published : 2022-03-23 13:15

Updated : 2024-11-21 05:54

NVD link : CVE-2021-25220

Mitre link : CVE-2021-25220

CVE.ORG link : CVE-2021-25220

JSON object : View

Products Affected

netapp

h700s_firmware
h700s
h500e_firmware
h500s
h410s_firmware
h700e_firmware
h300s
h410c_firmware
h300s_firmware
h300e_firmware
h410s
h500s_firmware
h300e
h500e
h410c
h700e

juniper

srx220
srx340
srx345
srx210
srx1500
srx4600
srx550m
srx300
srx110
srx240
srx3400
srx100
srx5000
srx1400
srx550_hm
srx4100
srx320
srx3600
srx550
srx5400
srx380
srx5600
junos
srx5800
srx240m
srx4200
srx4000
srx650
srx240h2

fedoraproject

fedora

siemens

sinec_ins

isc

bind

CWE

CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

6.8 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope CHANGED

4.0 /10

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

JSON object

Attach tags to CVE-2021-25220

6.8^/10

4.0^/10

Attach tags to `CVE-2021-25220`