Improper Enforcement of ACL in PowerDNS Recursor Versions up to 4.3.1, 4.2.2, and 4.1.16

Improper Enforcement of ACL in PowerDNS Recursor Versions up to 4.3.1, 4.2.2, and 4.1.16

CVE-2020-14196 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

In PowerDNS Recursor versions up to and including 4.3.1, 4.2.2 and 4.1.16, the ACL restricting access to the internal web server is not properly enforced.

Learn more about our Web App Pen Testing.