Cisco Recursor Denial of Service Vulnerability
CVE-2024-25583

7.5HIGH

Key Information:

Vendor: Powerdns
Status: Recursor
Vendor: CVE Published:; 25 April 2024

What is CVE-2024-25583?

A vulnerability exists in the PowerDNS Recursor, wherein a specially crafted response from an upstream server configured for recursive forwarding can lead to a Denial of Service attack. While the default configuration does not utilize recursive forwarding and remains unaffected, systems that have modified their settings may be vulnerable. Maintaining awareness of configuration settings and applying relevant security measures is essential to safeguard against potential exploitation.

Affected Version(s)

Recursor 4.8.7

Recursor 4.9.4

Recursor 5.0.3

References

https://doc.powerdns.com/recursor/security-advisories/pow...

http://www.openwall.com/lists/oss-security/2024/04/24/1

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 25, 2024
Vulnerability Reserved
Feb 8, 2024

JSON

Powerdns

What is CVE-2024-25583?

Affected Version(s)

References

CVSS V3.1

Timeline