cbcvebase.
CVE-2023-26437
published 2023-04-04

CVE-2023-26437: Denial of service vulnerability in PowerDNS Recursor allows authoritative servers to be marked unavailable.This issue affects Recursor: through 4.6.5, through…

PriorityP422medium5.3CVSS 3.1
AVNACLPRNUINSUCNINAL
EPSS
0.59%
43.9th percentile
Denial of service vulnerability in PowerDNS Recursor allows authoritative servers to be marked unavailable.This issue affects Recursor: through 4.6.5, through 4.7.4 , through 4.8.3.

Affected

5 ranges
VendorProductVersion rangeFixed in
debianpdns-recursor< pdns-recursor 4.8.4-1 (bookworm)pdns-recursor 4.8.4-1 (bookworm)
powerdnsrecursor< 4.6.64.6.6
powerdnsrecursor<= 4.6.5
powerdnsrecursor>= 4.7.0 < 4.7.54.7.5
powerdnsrecursor>= 4.8.0 < 4.8.44.8.4

CVSS provenance

nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
osv5.3MEDIUM
vendor_debian3.4LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.