CVSS Score of 10 (low)


Published Jun 21, 2023
Updated: Jul 3, 2023


CVE-2023-2829 is a vulnerability that affects BIND 9 versions 9.16.8-S1 through 9.16.41-S1 and 9.18.11-S1 through 9.18.15-S1. This vulnerability allows a named instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache (RFC 8198) option enabled to be remotely terminated by using a zone with a malformed NSEC record. The potential danger of this vulnerability is rated as HIGH, with a base score of 7.5 out of 10, indicating that it could have a significant impact on the availability of affected systems. To remediate this vulnerability, users are advised to upgrade to the latest version of BIND that includes the necessary fix for this issue.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-2829 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options