On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure. Vulnerable configurations are those that include a reference to http within the listen-on statements in their named.conf. TLS is used by both DNS over TLS (DoT) and DNS over HTTPS (DoH), but configurations using DoT alone are unaffected. Affects BIND 9.18.0 -> 9.18.2 and version 9.19.0 of the BIND 9.19 development branch.
References
Link | Resource |
---|---|
https://kb.isc.org/docs/cve-2022-1183 | Vendor Advisory |
https://security.netapp.com/advisory/ntap-20220707-0002/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
History
07 Oct 2022, 15:26
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:* |
|
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20220707-0002/ - Third Party Advisory | |
First Time |
Netapp h500s
Netapp h700s Netapp h300s Netapp h410c Netapp h410c Firmware Netapp h410s Firmware Netapp Netapp h300s Firmware Netapp h700s Firmware Netapp h410s Netapp h500s Firmware |
07 Jul 2022, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
01 Jun 2022, 20:04
Type | Values Removed | Values Added |
---|---|---|
First Time |
Isc
Isc bind |
|
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 7.5 |
CPE | cpe:2.3:a:isc:bind:9.19.0:*:*:*:-:*:*:* cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:* |
|
CWE | CWE-617 | |
References | (CONFIRM) https://kb.isc.org/docs/cve-2022-1183 - Vendor Advisory |
19 May 2022, 10:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-05-19 10:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-1183
Mitre link : CVE-2022-1183
CVE.ORG link : CVE-2022-1183
JSON object : View
Products Affected
netapp
- h700s_firmware
- h410c
- h300s_firmware
- h500s
- h300s
- h410s
- h410s_firmware
- h500s_firmware
- h410c_firmware
- h700s
isc
- bind
CWE
CWE-617
Reachable Assertion