CVE-2019-3807
First published: Tue Jan 29 2019(Updated: )
An issue has been found in PowerDNS Recursor versions 4.1.x before 4.1.9 where records in the answer section of responses received from authoritative servers with the AA flag not set were not properly validated, allowing an attacker to bypass DNSSEC validation.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| PowerDNS Recursor | >=4.1.0<=4.1.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-3807?
CVE-2019-3807 is a vulnerability found in PowerDNS Recursor versions 4.1.x before 4.1.9.
What is the severity of CVE-2019-3807?
CVE-2019-3807 has a severity rating of critical (9.8).
How does CVE-2019-3807 affect PowerDNS Recursor?
CVE-2019-3807 allows an attacker to bypass DNSSEC validation in PowerDNS Recursor versions 4.1.x before 4.1.9.
How can I fix CVE-2019-3807?
To fix CVE-2019-3807, update PowerDNS Recursor to version 4.1.9 or later.
Where can I find more information about CVE-2019-3807?
For more information about CVE-2019-3807, you can refer to the following references: [Red Hat Bugzilla](https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3807) and [PowerDNS Advisory](https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2019-02.html).
- collector/nvd-index
- agent/references
- agent/weakness
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/description
- agent/first-publish-date
- agent/author
- agent/tags
- agent/event
- vendor/powerdns
- canonical/powerdns recursor
- version/powerdns recursor/4.1.0
- version/powerdns recursor/4.1.8