Vulnerability Details CVE-2022-27227
In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.0%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 4.3
References
- http://www.openwall.com/lists/oss-security/2022/03/25/1
- https://doc.powerdns.com/authoritative/security-advisories/index.html
- https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2022-01.html
- https://docs.powerdns.com/recursor/security-advisories/index.html
- https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2022-01.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2QKN56VWXUVFOYGUN75N5IRNK66OHTHT/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HEABZA46XYEUWMGSY2GYYVHISBVWEHIO/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPHOFNI7FKM5NNOVDOWO4TBXFAFICCUE/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZJSKICB67SPPEGNXCQLZVSWR6QGCN3KP/
- http://www.openwall.com/lists/oss-security/2022/03/25/1
- https://doc.powerdns.com/authoritative/security-advisories/index.html
- https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2022-01.html
- https://docs.powerdns.com/recursor/security-advisories/index.html
- https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2022-01.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2QKN56VWXUVFOYGUN75N5IRNK66OHTHT/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HEABZA46XYEUWMGSY2GYYVHISBVWEHIO/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPHOFNI7FKM5NNOVDOWO4TBXFAFICCUE/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZJSKICB67SPPEGNXCQLZVSWR6QGCN3KP/
Products affected by CVE-2022-27227
-
cpe:2.3:a:powerdns:authoritative_server:2.9.22
-
cpe:2.3:a:powerdns:authoritative_server:3.0
-
cpe:2.3:a:powerdns:authoritative_server:4.0.0
-
cpe:2.3:a:powerdns:authoritative_server:4.0.1
-
cpe:2.3:a:powerdns:authoritative_server:4.0.2
-
cpe:2.3:a:powerdns:authoritative_server:4.0.3
-
cpe:2.3:a:powerdns:authoritative_server:4.0.4
-
cpe:2.3:a:powerdns:authoritative_server:4.0.5
-
cpe:2.3:a:powerdns:authoritative_server:4.0.6
-
cpe:2.3:a:powerdns:authoritative_server:4.0.7
-
cpe:2.3:a:powerdns:authoritative_server:4.0.9
-
cpe:2.3:a:powerdns:authoritative_server:4.1.0
-
cpe:2.3:a:powerdns:authoritative_server:4.1.1
-
cpe:2.3:a:powerdns:authoritative_server:4.1.11
-
cpe:2.3:a:powerdns:authoritative_server:4.1.2
-
cpe:2.3:a:powerdns:authoritative_server:4.1.3
-
cpe:2.3:a:powerdns:authoritative_server:4.1.4
-
cpe:2.3:a:powerdns:authoritative_server:4.1.5
-
cpe:2.3:a:powerdns:authoritative_server:4.1.6
-
cpe:2.3:a:powerdns:authoritative_server:4.1.7
-
cpe:2.3:a:powerdns:authoritative_server:4.1.8
-
cpe:2.3:a:powerdns:authoritative_server:4.4.1
-
cpe:2.3:a:powerdns:authoritative_server:4.4.2
-
cpe:2.3:a:powerdns:authoritative_server:4.5.0
-
cpe:2.3:a:powerdns:authoritative_server:4.5.1
-
cpe:2.3:a:powerdns:authoritative_server:4.5.2
-
cpe:2.3:a:powerdns:authoritative_server:4.5.3
-
cpe:2.3:a:powerdns:authoritative_server:4.6.0
-
cpe:2.3:a:powerdns:recursor:3.0
-
cpe:2.3:a:powerdns:recursor:3.0.1
-
cpe:2.3:a:powerdns:recursor:3.1.1
-
cpe:2.3:a:powerdns:recursor:3.1.2
-
cpe:2.3:a:powerdns:recursor:3.1.3
-
cpe:2.3:a:powerdns:recursor:3.1.4
-
cpe:2.3:a:powerdns:recursor:3.1.5
-
cpe:2.3:a:powerdns:recursor:3.1.6
-
cpe:2.3:a:powerdns:recursor:3.1.7
-
cpe:2.3:a:powerdns:recursor:3.1.7.1
-
cpe:2.3:a:powerdns:recursor:3.1.7.2
-
cpe:2.3:a:powerdns:recursor:3.2
-
cpe:2.3:a:powerdns:recursor:3.3
-
cpe:2.3:a:powerdns:recursor:3.3.1
-
cpe:2.3:a:powerdns:recursor:3.5
-
cpe:2.3:a:powerdns:recursor:3.5.1
-
cpe:2.3:a:powerdns:recursor:3.5.2
-
cpe:2.3:a:powerdns:recursor:3.5.3
-
cpe:2.3:a:powerdns:recursor:3.6.0
-
cpe:2.3:a:powerdns:recursor:3.6.1
-
cpe:2.3:a:powerdns:recursor:3.6.2
-
cpe:2.3:a:powerdns:recursor:3.6.3
-
cpe:2.3:a:powerdns:recursor:3.6.4
-
cpe:2.3:a:powerdns:recursor:3.7.0
-
cpe:2.3:a:powerdns:recursor:3.7.1
-
cpe:2.3:a:powerdns:recursor:3.7.2
-
cpe:2.3:a:powerdns:recursor:3.7.3
-
cpe:2.3:a:powerdns:recursor:3.7.4
-
cpe:2.3:a:powerdns:recursor:4.0.0
-
cpe:2.3:a:powerdns:recursor:4.0.1
-
cpe:2.3:a:powerdns:recursor:4.0.2
-
cpe:2.3:a:powerdns:recursor:4.0.3
-
cpe:2.3:a:powerdns:recursor:4.0.4
-
cpe:2.3:a:powerdns:recursor:4.0.5
-
cpe:2.3:a:powerdns:recursor:4.0.6
-
cpe:2.3:a:powerdns:recursor:4.0.7
-
cpe:2.3:a:powerdns:recursor:4.0.8
-
cpe:2.3:a:powerdns:recursor:4.1.0
-
cpe:2.3:a:powerdns:recursor:4.1.1
-
cpe:2.3:a:powerdns:recursor:4.1.10
-
cpe:2.3:a:powerdns:recursor:4.1.11
-
cpe:2.3:a:powerdns:recursor:4.1.12
-
cpe:2.3:a:powerdns:recursor:4.1.13
-
cpe:2.3:a:powerdns:recursor:4.1.14
-
cpe:2.3:a:powerdns:recursor:4.1.15
-
cpe:2.3:a:powerdns:recursor:4.1.16
-
cpe:2.3:a:powerdns:recursor:4.1.17
-
cpe:2.3:a:powerdns:recursor:4.1.18
-
cpe:2.3:a:powerdns:recursor:4.1.2
-
cpe:2.3:a:powerdns:recursor:4.1.3
-
cpe:2.3:a:powerdns:recursor:4.1.4
-
cpe:2.3:a:powerdns:recursor:4.1.5
-
cpe:2.3:a:powerdns:recursor:4.1.6
-
cpe:2.3:a:powerdns:recursor:4.1.7
-
cpe:2.3:a:powerdns:recursor:4.1.8
-
cpe:2.3:a:powerdns:recursor:4.1.9
-
cpe:2.3:a:powerdns:recursor:4.2.0
-
cpe:2.3:a:powerdns:recursor:4.2.1
-
cpe:2.3:a:powerdns:recursor:4.2.2
-
cpe:2.3:a:powerdns:recursor:4.2.3
-
cpe:2.3:a:powerdns:recursor:4.2.4
-
cpe:2.3:a:powerdns:recursor:4.2.5
-
cpe:2.3:a:powerdns:recursor:4.3.0
-
cpe:2.3:a:powerdns:recursor:4.3.1
-
cpe:2.3:a:powerdns:recursor:4.3.2
-
cpe:2.3:a:powerdns:recursor:4.3.3
-
cpe:2.3:a:powerdns:recursor:4.3.4
-
cpe:2.3:a:powerdns:recursor:4.3.5
-
cpe:2.3:a:powerdns:recursor:4.3.6
-
cpe:2.3:a:powerdns:recursor:4.3.7
-
cpe:2.3:a:powerdns:recursor:4.4.0
-
cpe:2.3:a:powerdns:recursor:4.4.1
-
cpe:2.3:a:powerdns:recursor:4.4.2
-
cpe:2.3:a:powerdns:recursor:4.4.3
-
cpe:2.3:a:powerdns:recursor:4.4.4
-
cpe:2.3:a:powerdns:recursor:4.4.5
-
cpe:2.3:a:powerdns:recursor:4.4.6
-
cpe:2.3:a:powerdns:recursor:4.4.7
-
cpe:2.3:a:powerdns:recursor:4.5.0
-
cpe:2.3:a:powerdns:recursor:4.5.1
-
cpe:2.3:a:powerdns:recursor:4.5.2
-
cpe:2.3:a:powerdns:recursor:4.5.4
-
cpe:2.3:a:powerdns:recursor:4.5.5
-
cpe:2.3:a:powerdns:recursor:4.5.6
-
cpe:2.3:a:powerdns:recursor:4.5.7
-
cpe:2.3:a:powerdns:recursor:4.6.0
-
cpe:2.3:o:fedoraproject:fedora:34
-
cpe:2.3:o:fedoraproject:fedora:35
-
cpe:2.3:o:fedoraproject:fedora:36