{
    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
    "CVE_data_meta": {
        "ID": "CVE-2023-5680",
        "ASSIGNER": "security-officer@isc.org",
        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. \nThis issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "n/a"
                    }
                ]
            }
        ]
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "ISC",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "BIND 9",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "<=",
                                            "version_name": "9.11.3-S1",
                                            "version_value": "9.11.37-S1"
                                        },
                                        {
                                            "version_affected": "<=",
                                            "version_name": "9.16.8-S1",
                                            "version_value": "9.16.45-S1"
                                        },
                                        {
                                            "version_affected": "<=",
                                            "version_name": "9.18.11-S1",
                                            "version_value": "9.18.21-S1"
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "references": {
        "reference_data": [
            {
                "url": "https://kb.isc.org/docs/cve-2023-5680",
                "refsource": "MISC",
                "name": "https://kb.isc.org/docs/cve-2023-5680"
            },
            {
                "url": "https://security.netapp.com/advisory/ntap-20240503-0005/",
                "refsource": "MISC",
                "name": "https://security.netapp.com/advisory/ntap-20240503-0005/"
            }
        ]
    },
    "source": {
        "discovery": "EXTERNAL"
    },
    "work_around": [
        {
            "lang": "en",
            "value": "There is no workaround for this issue other than disabling the ECS feature entirely."
        }
    ],
    "exploit": [
        {
            "lang": "en",
            "value": "We are not aware of any active exploits."
        }
    ],
    "solution": [
        {
            "lang": "en",
            "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.16.48-S1 or 9.18.24-S1."
        }
    ],
    "credits": [
        {
            "lang": "en",
            "value": "ISC would like to thank Yann Kerherve and Ask Bj\u00f8rn Hansen for bringing this vulnerability to our attention."
        }
    ],
    "impact": {
        "cvss": [
            {
                "version": "3.1",
                "attackVector": "NETWORK",
                "attackComplexity": "LOW",
                "privilegesRequired": "NONE",
                "userInteraction": "NONE",
                "scope": "UNCHANGED",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "availabilityImpact": "LOW",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM"
            }
        ]
    }
}