Unrated severityNVD Advisory· Published Jul 1, 2020· Updated Aug 4, 2024
CVE-2020-14196
CVE-2020-14196
Description
In PowerDNS Recursor versions up to and including 4.3.1, 4.2.2 and 4.1.16, the ACL restricting access to the internal web server is not properly enforced.
Affected products
7- PowerDNS/Recursordescription
- osv-coords6 versionspkg:rpm/opensuse/pdns-recursor&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/pdns-recursor&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/pdns-recursor&distro=openSUSE%20Tumbleweedpkg:rpm/suse/pdns-recursor&distro=SUSE%20Package%20Hub%2012%20SP1pkg:rpm/suse/pdns-recursor&distro=SUSE%20Package%20Hub%2015%20SP1pkg:rpm/suse/pdns-recursor&distro=SUSE%20Package%20Hub%2015%20SP2
< 4.1.12-bp151.4.6.1+ 5 more
- (no CPE)range: < 4.1.12-bp151.4.6.1
- (no CPE)range: < 4.1.12-bp151.4.6.1
- (no CPE)range: < 4.5.5-1.3
- (no CPE)range: < 4.1.12-bp151.4.6.1
- (no CPE)range: < 4.1.12-bp151.4.6.1
- (no CPE)range: < 4.3.5-bp152.2.12.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- lists.opensuse.org/opensuse-security-announce/2020-07/msg00043.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.opensuse.org/opensuse-security-announce/2020-09/msg00042.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.opensuse.org/opensuse-security-announce/2020-09/msg00044.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.opensuse.org/opensuse-security-announce/2020-10/msg00036.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7TUNCUZNASYSTVD35QGFAI6XO2BFMQ2F/mitrevendor-advisoryx_refsource_FEDORA
- doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-04.htmlmitrex_refsource_CONFIRM
- www.openwall.com/lists/oss-security/2020/07/01/1mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.