CVE-2023-26437
LOWPowerDNS Recursor < 4.6.6 - Denial of Service via Authoritative Server Unavailability
Title source: llmDescription
Denial of service vulnerability in PowerDNS Recursor allows authoritative servers to be marked unavailable.This issue affects Recursor: through 4.6.5, through 4.7.4 , through 4.8.3.
References (3)
Core 3
Core References
Vendor Advisory
https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2023-02.html
Mailing List, Third Party Advisory
https://lists.fedoraproject.org/archives/list/[email protected]/message/CN7VMRYKZHG2UDUAK326LXD3JY7NO3LR/
Mailing List, Third Party Advisory
https://lists.fedoraproject.org/archives/list/[email protected]/message/IHPD6SIQOG7245GXFQHPUEI4AZ6Y3KD6/
Scores
CVSS v3
3.4
EPSS
0.0059
EPSS Percentile
43.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-400
Status
published
Products (1)
powerdns/recursor
< 4.6.6
Published
Apr 04, 2023
Tracked Since
Feb 18, 2026