{"api_version":"1","generated_at":"2026-04-22T21:02:50+00:00","cve":"CVE-2021-25214","urls":{"html":"https://cve.report/CVE-2021-25214","api":"https://cve.report/api/cve/CVE-2021-25214.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-25214","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-25214"},"summary":{"title":"CVE-2021-25214","description":"In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a malformed IXFR triggering the flaw described above, the named process will terminate due to a failed assertion the next time the transferred secondary zone is refreshed.","state":"PUBLIC","assigner":"security-officer@isc.org","published_at":"2021-04-29 01:15:00","updated_at":"2023-11-07 03:31:00"},"problem_types":["CWE-617"],"metrics":[],"references":[{"url":"https://kb.isc.org/v1/docs/cve-2021-25214","name":"https://kb.isc.org/v1/docs/cve-2021-25214","refsource":"CONFIRM","tags":[],"title":"CVE-2021-25214: A broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly - Security Advisories","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.netapp.com/advisory/ntap-20210521-0006/","name":"https://security.netapp.com/advisory/ntap-20210521-0006/","refsource":"CONFIRM","tags":[],"title":"April 2021 ISC BIND Vulnerabilities in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://www.openwall.com/lists/oss-security/2021/04/29/3","name":"[oss-security] 20210429 Re: ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)","refsource":"MLIST","tags":[],"title":"oss-security - Re: ISC discloses three BIND vulnerabilities\n (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VEC2XG4Q2ODTN2C4CGXEIXU3EUTBMK7L/","name":"FEDORA-2021-ace61cbee1","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 34 Update: bind-dyndb-ldap-11.7-3.fc34 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDSRPCJQ7MZC6CENH5PO3VQOFI7VSWBE/","name":"FEDORA-2021-47f23870ec","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 33 Update: bind-9.11.31-1.fc33 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VEC2XG4Q2ODTN2C4CGXEIXU3EUTBMK7L/","name":"FEDORA-2021-ace61cbee1","refsource":"","tags":[],"title":"[SECURITY] Fedora 34 Update: bind-dyndb-ldap-11.7-3.fc34 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf","name":"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf","refsource":"CONFIRM","tags":[],"title":"","mime":"application/pdf","httpstatus":"200","archivestatus":"200"},{"url":"https://www.debian.org/security/2021/dsa-4909","name":"DSA-4909","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-4909-1 bind9","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.openwall.com/lists/oss-security/2021/04/29/1","name":"[oss-security] 20210428 ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)","refsource":"MLIST","tags":[],"title":"oss-security - ISC discloses three BIND vulnerabilities (CVE-2021-25214,\n CVE-2021-25215, and CVE-2021-25216)","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00001.html","name":"[debian-lts-announce] 20210504 [SECURITY] [DLA 2647-1] bind9 security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 2647-1] bind9 security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDSRPCJQ7MZC6CENH5PO3VQOFI7VSWBE/","name":"FEDORA-2021-47f23870ec","refsource":"","tags":[],"title":"[SECURITY] Fedora 33 Update: bind-9.11.31-1.fc33 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.openwall.com/lists/oss-security/2021/04/29/2","name":"[oss-security] 20210429 Re: ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)","refsource":"MLIST","tags":[],"title":"oss-security - Re: ISC discloses three BIND vulnerabilities\n (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://www.openwall.com/lists/oss-security/2021/04/29/4","name":"[oss-security] 20210429 Re: ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)","refsource":"MLIST","tags":[],"title":"oss-security - Re: ISC discloses three BIND vulnerabilities\n (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-25214","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-25214","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[{"source":"LEGACY","value":"ISC would like to thank Greg Kuechle of SaskTel for bringing this vulnerability to our attention.","lang":""}],"nvd_cpes":[{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"10.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"33","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"34","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"isc","cpe5":"bind","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"-","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"isc","cpe5":"bind","cpe6":"9.10.5","cpe7":"s1","cpe8":"*","cpe9":"*","cpe10":"supported_preview","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"isc","cpe5":"bind","cpe6":"9.10.7","cpe7":"s1","cpe8":"*","cpe9":"*","cpe10":"supported_preview","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"isc","cpe5":"bind","cpe6":"9.11.12","cpe7":"s1","cpe8":"*","cpe9":"*","cpe10":"supported_preview","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"isc","cpe5":"bind","cpe6":"9.11.21","cpe7":"s1","cpe8":"*","cpe9":"*","cpe10":"supported_preview","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"isc","cpe5":"bind","cpe6":"9.11.27","cpe7":"s1","cpe8":"*","cpe9":"*","cpe10":"supported_preview","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"isc","cpe5":"bind","cpe6":"9.11.29","cpe7":"s1","cpe8":"*","cpe9":"*","cpe10":"supported_preview","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"isc","cpe5":"bind","cpe6":"9.11.3","cpe7":"s1","cpe8":"*","cpe9":"*","cpe10":"supported_preview","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"isc","cpe5":"bind","cpe6":"9.11.5","cpe7":"s3","cpe8":"*","cpe9":"*","cpe10":"supported_preview","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"isc","cpe5":"bind","cpe6":"9.11.5","cpe7":"s5","cpe8":"*","cpe9":"*","cpe10":"supported_preview","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"isc","cpe5":"bind","cpe6":"9.11.5","cpe7":"s6","cpe8":"*","cpe9":"*","cpe10":"supported_preview","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"isc","cpe5":"bind","cpe6":"9.11.6","cpe7":"s1","cpe8":"*","cpe9":"*","cpe10":"supported_preview","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"isc","cpe5":"bind","cpe6":"9.11.7","cpe7":"s1","cpe8":"*","cpe9":"*","cpe10":"supported_preview","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"isc","cpe5":"bind","cpe6":"9.11.8","cpe7":"s1","cpe8":"*","cpe9":"*","cpe10":"supported_preview","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"isc","cpe5":"bind","cpe6":"9.16.11","cpe7":"s1","cpe8":"*","cpe9":"*","cpe10":"supported_preview","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"isc","cpe5":"bind","cpe6":"9.16.13","cpe7":"s1","cpe8":"*","cpe9":"*","cpe10":"supported_preview","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"isc","cpe5":"bind","cpe6":"9.16.8","cpe7":"s1","cpe8":"*","cpe9":"*","cpe10":"supported_preview","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"isc","cpe5":"bind","cpe6":"9.9.12","cpe7":"s1","cpe8":"*","cpe9":"*","cpe10":"supported_preview","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"isc","cpe5":"bind","cpe6":"9.9.13","cpe7":"s1","cpe8":"*","cpe9":"*","cpe10":"supported_preview","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"isc","cpe5":"bind","cpe6":"9.9.3","cpe7":"s1","cpe8":"*","cpe9":"*","cpe10":"supported_preview","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"9.8.8","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"isc","cpe5":"bind","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"-","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"active_iq_unified_manager","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"vsphere","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"aff_500f","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"aff_500f_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"aff_a250","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"aff_a250_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"cloud_backup","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h300e","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h300e_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h300s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h300s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h410s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h410s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h500e","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h500e_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h500s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h500s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h700e","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h700e_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h700s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h700s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"25214","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"siemens","cpe5":"sinec_infrastructure_network_services","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2021-25214","qid":"15125","title":"ISC BIND Broken Inbound Incremental Zone Update Vulnerability"},{"cve":"CVE-2021-25214","qid":"159374","title":"Oracle Enterprise Linux Security Update for bind (ELSA-2021-3325)"},{"cve":"CVE-2021-25214","qid":"159501","title":"Oracle Enterprise Linux Security Update for bind (ELSA-2021-4384)"},{"cve":"CVE-2021-25214","qid":"174977","title":"SUSE Enterprise Linux Security Update for bind (SUSE-SU-2021:1469-1)"},{"cve":"CVE-2021-25214","qid":"174978","title":"SUSE Enterprise Linux Security Update for bind (SUSE-SU-2021:1471-1)"},{"cve":"CVE-2021-25214","qid":"174979","title":"SUSE Enterprise Linux Security Update for bind (SUSE-SU-2021:1468-1)"},{"cve":"CVE-2021-25214","qid":"178573","title":"Debian Security Update for bind9 (DSA 4909-1)"},{"cve":"CVE-2021-25214","qid":"178593","title":"Debian Security Update for bind9 (DSA 4909-1)"},{"cve":"CVE-2021-25214","qid":"178594","title":"Debian Security Update for bind9 (DLA 2647-1)"},{"cve":"CVE-2021-25214","qid":"180493","title":"Debian Security Update for bind9 (CVE-2021-25214)"},{"cve":"CVE-2021-25214","qid":"198348","title":"Ubuntu Security Notification for Bind vulnerabilities (USN-4929-1)"},{"cve":"CVE-2021-25214","qid":"239604","title":"Red Hat Update for bind (RHSA-2021:3325)"},{"cve":"CVE-2021-25214","qid":"239801","title":"Red Hat Update for bind (RHSA-2021:4384)"},{"cve":"CVE-2021-25214","qid":"257112","title":"CentOS Security Update for bind (CESA-2021:3325)"},{"cve":"CVE-2021-25214","qid":"281228","title":"Fedora Security Update for bind (FEDORA-2021-47f23870ec)"},{"cve":"CVE-2021-25214","qid":"281229","title":"Fedora Security Update for bind (FEDORA-2021-ace61cbee1)"},{"cve":"CVE-2021-25214","qid":"296068","title":"Oracle Solaris 11.4 Support Repository Update (SRU) 34.94.4 Missing (CPUAPR2021)"},{"cve":"CVE-2021-25214","qid":"352404","title":"Amazon Linux Security Advisory for bind: ALAS2-2021-1651"},{"cve":"CVE-2021-25214","qid":"375591","title":"F5 BIG-IP BIND Vulnerability (K11426315)"},{"cve":"CVE-2021-25214","qid":"377496","title":"Alibaba Cloud Linux Security Update for bind (ALINUX2-SA-2021:0053)"},{"cve":"CVE-2021-25214","qid":"500060","title":"Alpine Linux Security Update for bind"},{"cve":"CVE-2021-25214","qid":"503740","title":"Alpine Linux Security Update for bind"},{"cve":"CVE-2021-25214","qid":"670424","title":"EulerOS Security Update for bind (EulerOS-SA-2021-1975)"},{"cve":"CVE-2021-25214","qid":"670478","title":"EulerOS Security Update for bind (EulerOS-SA-2021-2236)"},{"cve":"CVE-2021-25214","qid":"670504","title":"EulerOS Security Update for bind (EulerOS-SA-2021-2262)"},{"cve":"CVE-2021-25214","qid":"670562","title":"EulerOS Security Update for bind (EulerOS-SA-2021-2320)"},{"cve":"CVE-2021-25214","qid":"670596","title":"EulerOS Security Update for bind (EulerOS-SA-2021-2354)"},{"cve":"CVE-2021-25214","qid":"671133","title":"EulerOS Security Update for bind (EulerOS-SA-2021-2572)"},{"cve":"CVE-2021-25214","qid":"672424","title":"EulerOS Security Update for dhcp (EulerOS-SA-2022-2842)"},{"cve":"CVE-2021-25214","qid":"672461","title":"EulerOS Security Update for dhcp (EulerOS-SA-2022-2817)"},{"cve":"CVE-2021-25214","qid":"672477","title":"EulerOS Security Update for dhcp (EulerOS-SA-2023-1032)"},{"cve":"CVE-2021-25214","qid":"672510","title":"EulerOS Security Update for dhcp (EulerOS-SA-2023-1007)"},{"cve":"CVE-2021-25214","qid":"730272","title":"McAfee Web Gateway Multiple Vulnerabilities (WP-3806,WP-4203,WP-3710,WP-4073,WP-3663,WP-4158,WP-4164,WP-3247)"},{"cve":"CVE-2021-25214","qid":"750091","title":"SUSE Enterprise Linux Security Update for bind (SUSE-SU-2021:1826-1)"},{"cve":"CVE-2021-25214","qid":"750231","title":"OpenSUSE Security Update for bind (openSUSE-SU-2021:0668-1)"},{"cve":"CVE-2021-25214","qid":"750804","title":"OpenSUSE Security Update for bind (openSUSE-SU-2021:1826-1)"},{"cve":"CVE-2021-25214","qid":"900029","title":"CBL-Mariner Linux Security Update for bind 9.16.3"},{"cve":"CVE-2021-25214","qid":"903518","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for bind (4176)"},{"cve":"CVE-2021-25214","qid":"940108","title":"AlmaLinux Security Update for bind (ALSA-2021:4384)"},{"cve":"CVE-2021-25214","qid":"960838","title":"Rocky Linux Security Update for bind (RLSA-2021:4384)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"security-officer@isc.org","DATE_PUBLIC":"2021-04-28T20:19:47.000Z","ID":"CVE-2021-25214","STATE":"PUBLIC","TITLE":"A broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"BIND9","version":{"version_data":[{"version_name":"Open Source Branch 9.8","version_value":"9.8.5 through 9.8.8"},{"version_name":"Open Source Branches 9.9 through 9.11","version_value":"9.9.3 through versions before 9.11.30"},{"version_name":"Open Source Branches 9.12 through 9.16","version_value":"9.12.0 through versions before 9.16.14"},{"version_name":"Supported Preview Branches 9.9-S through 9.11-S","version_value":"9.9.3-S1 through versions before 9.11.30-S1"},{"version_name":"Supported Preview Branch 9.16-S","version_value":"9.16.8-S1 through versions before 9.16.14-S1"},{"version_name":"Development Branch 9.17","version_value":"9.17.0 through versiosn before 9.17.12"}]}}]},"vendor_name":"ISC"}]}},"credit":[{"lang":"eng","value":"ISC would like to thank Greg Kuechle of SaskTel for bringing this vulnerability to our attention."}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a malformed IXFR triggering the flaw described above, the named process will terminate due to a failed assertion the next time the transferred secondary zone is refreshed."}]},"exploit":[{"lang":"eng","value":"We are not aware of any active exploits."}],"generator":{"engine":"Vulnogram 0.0.9"},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":6.5,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Incremental zone transfers (IXFR) provide a way of transferring changed portion(s) of a zone between servers. An IXFR stream containing SOA records with an owner name other than the transferred zone's apex may cause the receiving named server to inadvertently remove the SOA record for the zone in question from the zone database. This leads to an assertion failure when the next SOA refresh query for that zone is made.  Affects BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch."}]}]},"references":{"reference_data":[{"name":"https://kb.isc.org/v1/docs/cve-2021-25214","refsource":"CONFIRM","url":"https://kb.isc.org/v1/docs/cve-2021-25214"},{"refsource":"MLIST","name":"[oss-security] 20210428 ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)","url":"http://www.openwall.com/lists/oss-security/2021/04/29/1"},{"refsource":"MLIST","name":"[oss-security] 20210429 Re: ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)","url":"http://www.openwall.com/lists/oss-security/2021/04/29/2"},{"refsource":"MLIST","name":"[oss-security] 20210429 Re: ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)","url":"http://www.openwall.com/lists/oss-security/2021/04/29/3"},{"refsource":"MLIST","name":"[oss-security] 20210429 Re: ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)","url":"http://www.openwall.com/lists/oss-security/2021/04/29/4"},{"refsource":"DEBIAN","name":"DSA-4909","url":"https://www.debian.org/security/2021/dsa-4909"},{"refsource":"MLIST","name":"[debian-lts-announce] 20210504 [SECURITY] [DLA 2647-1] bind9 security update","url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00001.html"},{"refsource":"FEDORA","name":"FEDORA-2021-ace61cbee1","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VEC2XG4Q2ODTN2C4CGXEIXU3EUTBMK7L/"},{"refsource":"FEDORA","name":"FEDORA-2021-47f23870ec","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDSRPCJQ7MZC6CENH5PO3VQOFI7VSWBE/"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20210521-0006/","url":"https://security.netapp.com/advisory/ntap-20210521-0006/"},{"refsource":"CONFIRM","name":"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"}]},"solution":[{"lang":"eng","value":"Upgrade to the patched release most closely related to your current version of BIND:\n\n    BIND 9.11.31\n    BIND 9.16.15\n    BIND 9.17.12\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n    BIND 9.11.31-S1\n    BIND 9.16.15-S1"}],"source":{"discovery":"USER"},"work_around":[{"lang":"eng","value":"Disabling incremental zone transfers (IXFR) by setting request-ixfr no; in the desired configuration block (options, zone, or server) prevents the failing assertion from being evaluated."}]},"nvd":{"publishedDate":"2021-04-29 01:15:00","lastModifiedDate":"2023-11-07 03:31:00","problem_types":["CWE-617"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":6.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:N/A:P","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL","baseScore":4},"severity":"MEDIUM","exploitabilityScore":8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:isc:bind:9.11.7:s1:*:*:supported_preview:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:isc:bind:9.11.3:s1:*:*:supported_preview:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:isc:bind:9.11.6:s1:*:*:supported_preview:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:isc:bind:9.10.5:s1:*:*:supported_preview:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:isc:bind:9.11.5:s5:*:*:supported_preview:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:isc:bind:9.11.5:s3:*:*:supported_preview:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:isc:bind:9.9.3:s1:*:*:supported_preview:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:isc:bind:9.10.7:s1:*:*:supported_preview:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:isc:bind:9.11.5:s6:*:*:supported_preview:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:isc:bind:9.11.12:s1:*:*:supported_preview:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:isc:bind:9.11.8:s1:*:*:supported_preview:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:isc:bind:9.9.12:s1:*:*:supported_preview:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:isc:bind:9.9.13:s1:*:*:supported_preview:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:isc:bind:9.11.21:s1:*:*:supported_preview:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:isc:bind:9.16.8:s1:*:*:supported_preview:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:isc:bind:9.16.11:s1:*:*:supported_preview:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:isc:bind:9.11.27:s1:*:*:supported_preview:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:isc:bind:9.16.13:s1:*:*:supported_preview:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:isc:bind:9.11.29:s1:*:*:supported_preview:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*","versionStartIncluding":"9.8.5","versionEndIncluding":"9.8.8","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*","versionStartIncluding":"9.9.3","versionEndExcluding":"9.11.31","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*","versionStartIncluding":"9.12.0","versionEndExcluding":"9.16.15","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*","versionStartIncluding":"9.17.0","versionEndExcluding":"9.17.12","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.1.1","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vsphere:*:*","cpe_name":[]}]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:aff_a250_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:aff_a250:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:aff_500f_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:aff_500f:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"25214","Ordinal":"199989","Title":"CVE-2021-25214","CVE":"CVE-2021-25214","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"25214","Ordinal":"1","NoteData":"In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a malformed IXFR triggering the flaw described above, the named process will terminate due to a failed assertion the next time the transferred secondary zone is refreshed.","Type":"Description","Title":null},{"CveYear":"2021","CveId":"25214","Ordinal":"2","NoteData":"2021-04-28","Type":"Other","Title":"Published"},{"CveYear":"2021","CveId":"25214","Ordinal":"3","NoteData":"2021-05-21","Type":"Other","Title":"Modified"}]}}}