How severe is CVE-2018-5736?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2018-5736?

This is classified as CWE-617, which is a common weakness in software security.

CVE-2018-5736 - MEDIUM Severity | CVSS 5.3

Vulnerability Description

An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. This defect could be deliberately exercised by an attacker who is permitted to cause a vulnerable server to initiate zone transfers (for example: by sending valid NOTIFY messages), causing the named process to exit after failing the assertion test. Affects BIND 9.12.0 and 9.12.1.

Related Vulnerabilities

CVE-2017-3138

MEDIUM

CVSS:5.3(Medium)

named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a control channel, using a utility program such as rndc. A regressio...

CWE-6172017

CVE-2018-20217

MEDIUM

CVSS:5.3(Medium)

A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4...

CWE-6172018

CVE-2019-6468

MEDIUM

CVSS:5.3(Medium)

In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet (ECS) features. In those versions which have ECS support, enabling n...

CWE-6172019

CVE-2021-28090

MEDIUM

CVSS:5.3(Medium)

Tor before 0.4.5.7 allows a remote attacker to cause Tor directory authorities to exit with an assertion failure, aka TROVE-2021-002.

CWE-6172021

CVE-2023-33199

MEDIUM

CVSS:5.3(Medium)

Rekor's goals are to provide an immutable tamper resistant ledger of metadata generated within a software projects supply chain. A malformed proposed entry of the `intoto/v0.0.2` type can cause a pani...

CWE-6172023

CVE-2023-37002

MEDIUM

CVSS:5.3(Medium)

Open5GS MME versions <= 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an `E-RAB Modification Indication` message ...

CWE-6172023