CVE-2019-3807
Published Jan 29, 2019
Last updated 5 years ago
Overview
- Description
- An issue has been found in PowerDNS Recursor versions 4.1.x before 4.1.9 where records in the answer section of responses received from authoritative servers with the AA flag not set were not properly validated, allowing an attacker to bypass DNSSEC validation.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 6.4
- Impact score
- 4.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:N
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EFFE6AED-480B-4A19-9DD9-C8445ADBBC90",
"versionEndIncluding": "4.1.8",
"versionStartIncluding": "4.1.0"
}
],
"operator": "OR"
}
]
}
]