Powerdns Authoritative
Approved changes feed: RSS · Atom
cpe:2.3:a:powerdns:powerdns_authoritative:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Powerdns (ef825119-8390-5906-a637-f6692acc90eb) |
|---|---|
| Product | Powerdns Authoritative (65a31f90-243a-574e-8447-4dd0dcdfd0eb) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2017-15091 |
vulnerable | 2026-06-08 05:08:57.829537 |
Details available
An issue has been found in the API component of PowerDNS Authoritative 4.x up to and including 4.0.4 and 3.x up to and including 3.4.11, where some operations that have an impact on the state of the server are still allowed even though the API has been configured as read-only via the api-readonly keyword. This missing check allows an attacker with valid API credentials to flush the cache, trigger a zone transfer or send a NOTIFY.
Published: 2018-01-23T15:00:00.000Z
Updated: 2024-08-05T19:50:14.942Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.