CVE-2017-3143

Name: CVE-2017-3143
Creator: NVD / NIST
Published: 2019-01-16T20:29:00.58+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 18.22%

Last modified Jun 17, 2026

CVE-2017-3143 is a vulnerability of currently unknown severity. An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2.. EPSS estimates a 18.22% chance of exploitation in the next 30 days.

Description

An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2.

Metrics

EPSS Probability

18.22%

96.8th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions	Update
Isc	Bind	>= 9.4.0, <= 9.8.8	—
Isc	Bind	>= 9.9.0, <= 9.9.10	—
Isc	Bind	>= 9.10.0, <= 9.10.5	—
Isc	Bind	>= 9.11.0, <= 9.11.1	—
Isc	Bind	9.9.0	P1
Isc	Bind	9.9.3	S1
Isc	Bind	9.9.10	S2
Isc	Bind	9.10.5	P1
Isc	Bind	9.11.1	P1
Redhat	Enterprise Linux Desktop	6.0	—
Redhat	Enterprise Linux Desktop	7.0	—
Redhat	Enterprise Linux Server	6.0	—
Redhat	Enterprise Linux Server	7.0	—
Redhat	Enterprise Linux Server Aus	7.3	—
Redhat	Enterprise Linux Server Aus	7.4	—
Redhat	Enterprise Linux Server Aus	7.6	—
Redhat	Enterprise Linux Server Eus	7.3	—
Redhat	Enterprise Linux Server Eus	7.4	—
Redhat	Enterprise Linux Server Eus	7.5	—
Redhat	Enterprise Linux Server Eus	7.6	—
Redhat	Enterprise Linux Server Tus	7.3	—
Redhat	Enterprise Linux Server Tus	7.6	—
Redhat	Enterprise Linux Workstation	6.0	—
Redhat	Enterprise Linux Workstation	7.0	—
Debian	Debian Linux	8.0	—
Debian	Debian Linux	9.0	—

References

http://www.securityfocus.com/bid/99337Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1038809Third Party Advisory, VDB Entry
https://access.redhat.com/errata/RHSA-2017:1679Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1680Third Party Advisory
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03772en_usThird Party Advisory
https://kb.isc.org/docs/aa-01503Vendor Advisory
https://security.netapp.com/advisory/ntap-20190830-0003/
https://www.debian.org/security/2017/dsa-3904Third Party Advisory
http://www.securityfocus.com/bid/99337Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1038809Third Party Advisory, VDB Entry
https://access.redhat.com/errata/RHSA-2017:1679Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1680Third Party Advisory
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03772en_usThird Party Advisory
https://kb.isc.org/docs/aa-01503Vendor Advisory
https://security.netapp.com/advisory/ntap-20190830-0003/
https://www.debian.org/security/2017/dsa-3904Third Party Advisory

Timeline

Published: Jan 16, 2019
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2017-3143?

How severe is CVE-2017-3143?

Severity scoring for CVE-2017-3143 is pending analysis. The EPSS model estimates a 18.22% probability of exploitation in the next 30 days.

How do I fix CVE-2017-3143?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-3143?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST