CVE-2017-15091

Severity Score

7.1

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

An issue has been found in the API component of PowerDNS Authoritative 4.x up to and including 4.0.4 and 3.x up to and including 3.4.11, where some operations that have an impact on the state of the server are still allowed even though the API has been configured as read-only via the api-readonly keyword. This missing check allows an attacker with valid API credentials to flush the cache, trigger a zone transfer or send a NOTIFY.

Se ha descubierto un problema en el componente API de PowerDNS Authoritative 4.x hasta e incluyendo la versión 4.0.4 y en versiones 3.x hasta la 3.4.11, también incluida, donde algunas operaciones que provocan un impacto en el estado del servidor siguen estando permitidas incluso aunque la API se haya configurado como solo lectura por medio de la palabra clave api-readonly. Esta falta de comprobación permite que un atacante con credenciales API válidas vacíe la caché, desencadene una trasferencia de zona o envíe un NOTIFY.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

Single

Confidentiality

None

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2017-10-08 CVE Reserved
2018-01-23 CVE Published
2023-03-08 EPSS Updated
2024-08-05 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-358: Improperly Implemented Security Check for Standard
CWE-863: Incorrect Authorization

CAPEC

References (2)

URL	Tag	Source
http://www.securityfocus.com/bid/101982	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2017-04.html	2019-10-09

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Powerdns Search vendor "Powerdns"		Authoritative Search vendor "Powerdns" for product "Authoritative"				>= 3.0 <= 3.4.11 Search vendor "Powerdns" for product "Authoritative" and version " >= 3.0 <= 3.4.11"		-		Affected
Powerdns Search vendor "Powerdns"		Authoritative Search vendor "Powerdns" for product "Authoritative"				>= 4.0.0 <= 4.0.4 Search vendor "Powerdns" for product "Authoritative" and version " >= 4.0.0 <= 4.0.4"		-		Affected