CVE-2023-4408

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Feb 13, 2024
Updated: Apr 26, 2024

Summary

CVE-2023-4408 is a vulnerability that affects the DNS message parsing code in `named`. Crafted queries and responses can exploit this flaw, causing excessive CPU load on the affected `named` instance. Both authoritative servers and recursive resolvers are impacted by this issue. The vulnerability affects BIND 9 versions 9.0.0 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1 versions of the software product.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-4408 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options