CVE-2020-10995 — Uncontrolled Resource Consumption in Recursor
Severity
7.5HIGHNVD
EPSS
0.1%
top 74.41%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMay 19
Latest updateMay 24
Description
PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against amplification attacks. An issue in the DNS protocol has been found that allow malicious parties to use recursive DNS services to attack third party authoritative name servers. The attack uses a crafted reply by an authoritative name server to amplify the resulting traffic between the recursive and other authoritative name servers. Both types of service can suffer degraded performance as an effect. This is…
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6
Affected Packages3 packages
Also affects: Debian Linux 10.0, Fedora 31, 32
🔴Vulnerability Details
3📋Vendor Advisories
1Debian▶
CVE-2020-10995: pdns-recursor - PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently def...↗2020
💬Community
3Bugzilla▶
CVE-2020-10995 pdns-recursor: issue in DNS protocol allows malicious parties to use recursive DNS services to attack third party authoritative name servers [epel-all]↗2020-05-26
Bugzilla▶
CVE-2020-10995 pdns-recursor: issue in DNS protocol allows malicious parties to use recursive DNS services to attack third party authoritative name servers↗2020-05-26
Bugzilla▶
CVE-2020-10995 pdns-recursor: issue in DNS protocol allows malicious parties to use recursive DNS services to attack third party authoritative name servers [fedora-all]↗2020-05-26