Incomplete Zone Transfer Handling as Successful Transfers Vulnerability

Incomplete Zone Transfer Handling as Successful Transfers Vulnerability

CVE-2022-27227 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers.

Learn more about our Cis Benchmark Audit For Server Software.