vulnerability

ISC BIND: Update-policy rules of type "subdomain" are enforced incorrectly (CVE-2020-8624)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:N/I:P/A:N)	Aug 21, 2020	Sep 8, 2020	Aug 11, 2025

Severity

CVSS

(AV:N/AC:L/Au:S/C:N/I:P/A:N)

Published

Aug 21, 2020

Added

Sep 8, 2020

Modified

Aug 11, 2025

Description

In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of the zone's content could abuse these unintended additional privileges to update other contents of the zone.

Solution

upgrade-isc-bind-latest

References

CVE-2020-8624
https://attackerkb.com/topics/CVE-2020-8624
CWE-269
URL-https://kb.isc.org/v1/docs/cve-2020-8624

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today