CVE-2020-17482

CVSS v3.1

4.3

Medium

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions PowerDNS Authoritative Server versions prior to 4.3.1

Description An issue has been found where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory.

Recommendations For versions prior to 4.3.1, update to version 4.3.1 or later to resolve the issue. As a temporary workaround, consider restricting access to zone record insertion to minimize the risk of exploitation.

Fix

Use of Uninitialized Resource

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-908

Related Identifiers

ALT-PU-2022-2644

ALT-PU-2022-3173

CVE-2020-17482

MGASA-2020-0375

OPENSUSE-SU-2020:1556-1

OPENSUSE-SU-2020_1556-1

OPENSUSE-SU-2024:11156-1

SUSE-SU-2020:2718-1

SUSE-SU-2020:2785-1

USN-7203-1

Affected Products

Alt Linux

Linuxmint

Powerdns Authoritative Server

Suse

Ubuntu

CVE-2020-17482

Weakness Enumeration

Related Identifiers

Affected Products

References · 53