CVE Vulnerabilities

CVE-2022-27227

Published: Mar 25, 2022 | Modified: Nov 21, 2024
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers.

Affected Software

Name Vendor Start Version End Version
Authoritative_server Powerdns * 4.4.3 (excluding)
Authoritative_server Powerdns 4.5.0 (including) 4.5.4 (excluding)
Authoritative_server Powerdns 4.6.0 (including) 4.6.1 (excluding)
Recursor Powerdns * 4.4.8 (excluding)
Recursor Powerdns 4.5.0 (including) 4.5.8 (excluding)
Recursor Powerdns 4.6.0 (including) 4.6.1 (excluding)
Pdns Ubuntu bionic *
Pdns Ubuntu esm-apps/bionic *
Pdns Ubuntu esm-apps/focal *
Pdns Ubuntu esm-apps/jammy *
Pdns Ubuntu esm-apps/xenial *
Pdns Ubuntu focal *
Pdns Ubuntu impish *
Pdns Ubuntu jammy *
Pdns Ubuntu kinetic *
Pdns Ubuntu trusty *
Pdns Ubuntu upstream *
Pdns Ubuntu xenial *
Pdns-recursor Ubuntu bionic *
Pdns-recursor Ubuntu esm-apps/bionic *
Pdns-recursor Ubuntu esm-apps/focal *
Pdns-recursor Ubuntu esm-apps/jammy *
Pdns-recursor Ubuntu esm-apps/xenial *
Pdns-recursor Ubuntu focal *
Pdns-recursor Ubuntu impish *
Pdns-recursor Ubuntu jammy *
Pdns-recursor Ubuntu kinetic *
Pdns-recursor Ubuntu trusty *
Pdns-recursor Ubuntu upstream *
Pdns-recursor Ubuntu xenial *

References