PowerDNS before 2.9.18, when running with an LDAP backend, does not properly escape LDAP queries, which allows remote attackers to cause a denial of service (failure to answer ldap questions) and possibly conduct an LDAP injection attack.
Threat-Mapped Scoring
Score: 1.5
Priority: P4 - Informational (Low)
EPSS
Score: 0.00074Percentile:
0.23195
CVSS Scoring
CVSS v2 Score: 5.0
Severity:
Affected Products
cpe:2.3:a:powerdns:powerdns:2.9.0:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.1:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.2:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.3a:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.4:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.5:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.6:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.7:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.8:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.10:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.11:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.12:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.13:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.14:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.15:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.16:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.17:*:*:*:*:*:*:*
← Back to Home
BrownCoat Threat Intelligence Platform | 2025 Steve Gray — You Can’t Take the Sky from Me