Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-52f2-92w4-mx97

Опубликовано: 24 мая 2022
Источник: github
Github: Не прошло ревью
CVSS3: 7.5

Описание

An issue has been found in PowerDNS Recursor 4.1.0 through 4.3.0 where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated in SyncRes::processAnswer, allowing an attacker to bypass DNSSEC validation.

An issue has been found in PowerDNS Recursor 4.1.0 through 4.3.0 where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated in SyncRes::processAnswer, allowing an attacker to bypass DNSSEC validation.

Ссылки

EPSS

Процентиль: 27%
0.00094
Низкий

7.5 High

CVSS3

CVE ID

CVE-2020-12244

Дефекты

CWE-20
CWE-347

Связанные уязвимости

ubuntu логотип

CVE-2020-12244

CVSS3: 7.5
ubuntu
больше 5 лет назад

An issue has been found in PowerDNS Recursor 4.1.0 through 4.3.0 where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated in SyncRes::processAnswer, allowing an attacker to bypass DNSSEC validation.

nvd логотип

CVE-2020-12244

CVSS3: 7.5
nvd
больше 5 лет назад

An issue has been found in PowerDNS Recursor 4.1.0 through 4.3.0 where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated in SyncRes::processAnswer, allowing an attacker to bypass DNSSEC validation.

debian логотип

CVE-2020-12244

CVSS3: 7.5
debian
больше 5 лет назад

An issue has been found in PowerDNS Recursor 4.1.0 through 4.3.0 where ...

fstec логотип

BDU:2020-03964

CVSS3: 7.5
fstec
больше 5 лет назад

Уязвимость функции SyncRes::processAnswer рекурсивного DNS-сервера PowerDNS Recursor, позволяющая нарушителю получить доступ к конфиденциальным данным

suse-cvrf логотип

openSUSE-SU-2020:0698-1

suse-cvrf
больше 5 лет назад

Security update for pdns-recursor

EPSS

Процентиль: 27%
0.00094
Низкий

7.5 High

CVSS3

CVE ID

CVE-2020-12244

Дефекты

CWE-20
CWE-347