7.5
CVE-2022-27227
- EPSS 0.11%
- Published 25.03.2022 15:15:07
- Last modified 21.11.2024 06:55:27
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers.
Data is provided by the National Vulnerability Database (NVD)
Powerdns ≫ Authoritative Server Version < 4.4.3
Powerdns ≫ Authoritative Server Version >= 4.5.0 < 4.5.4
Powerdns ≫ Authoritative Server Version >= 4.6.0 < 4.6.1
Fedoraproject ≫ Fedora Version34
Fedoraproject ≫ Fedora Version35
Fedoraproject ≫ Fedora Version36
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.299 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:P
|