Vulnerability Name:

CVE-2019-10163 (CCN-162840)

Assigned:2019-06-21
Published:2019-06-21
Updated:2023-02-03
Summary:
CVSS v3 Severity:4.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)
3.8 Low (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
4.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)
3.8 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:4.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2019-10163

Source: secalert@redhat.com
Type: Mailing List, Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Mailing List, Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Vendor Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Issue Tracking, Patch, Third Party Advisory
secalert@redhat.com

Source: CCN
Type: PowerDNS Security Advisory 2019-05
Denial of service via NOTIFY packets

Source: secalert@redhat.com
Type: Vendor Advisory
secalert@redhat.com

Source: XF
Type: UNKNOWN
powerdns-cve201910163-dos(162840)

Source: CCN
Type: BugTraq Mailing List, Sun, 23 Jun 2019 21:02:15 +0000
[SECURITY] [DSA 4470-1] pdns security update

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2019-10163

Vulnerable Configuration:Configuration CCN 1:
  • cpe:/a:powerdns:authoritative:4.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:powerdns:authoritative:4.1.8:*:*:*:*:*:*:*
  • OR cpe:/a:powerdns:authoritative:4.1.7:*:*:*:*:*:*:*
  • OR cpe:/a:powerdns:authoritative:4.1.5:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:201910163
    V
    		CVE-2019-10163
    2022-06-30
    oval:org.opensuse.security:def:93447
    P
    		 (Important)
    2022-04-12
    oval:org.opensuse.security:def:113102
    P
    		pdns-4.5.1-1.5 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:74316
    P
    		Security update for webkit2gtk3 (Important)
    2021-10-12
    oval:org.opensuse.security:def:106537
    P
    		pdns-4.5.1-1.5 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:63201
    P
    		dhcp-relay-4.3.5-4.15 on GA media (Moderate)
    2021-09-21
    oval:org.opensuse.security:def:63427
    P
    		libSDL2-2_0-0-32bit-2.0.8-9.63 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:62382
    P
    		cni-plugins-0.8.6-3.8.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:62381
    P
    		buildah-1.17.0-3.6.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:63063
    P
    		libopenssl-1_0_0-devel-1.0.2n-1.32 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:62861
    P
    		libtool-32bit-2.4.6-1.406 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:62405
    P
    		firewall-applet-0.5.3-2.3 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:62582
    P
    		libsrtp-devel-1.6.0-2.19 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:25575
    P
    		Security update for libX11 (Important)
    2020-12-01
    oval:org.opensuse.security:def:26412
    P
    		Security update for tor (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:64096
    P
    		Security update for gcc10 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25076
    P
    		Security update for cpio (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:64250
    P
    		file on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:63888
    P
    		Security update for w3m (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25284
    P
    		Security update for xrdp (Important)
    2020-12-01
    oval:org.opensuse.security:def:25716
    P
    		Security update for librsvg (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25425
    P
    		Security update for bluez (Important)
    2020-12-01
    oval:org.opensuse.security:def:25774
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25628
    P
    		Security update for dpdk (Critical)
    2020-12-01
    oval:org.opensuse.security:def:25012
    P
    		Security update for mariadb, mariadb-connector-c (Important)
    2020-12-01
    oval:org.opensuse.security:def:26447
    P
    		Security update for pdns (Important)
    2020-12-01
    oval:org.opensuse.security:def:64138
    P
    		Security update for xorg-x11-server (Important)
    2020-12-01
    oval:org.opensuse.security:def:63754
    P
    		Security update for python3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:25203
    P
    		Security update for mariadb (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25001
    P
    		Security update for python (Important)
    2020-12-01
    oval:org.opensuse.security:def:74190
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:63994
    P
    		Security update for dnsmasq (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25341
    P
    		Security update for postgresql, postgresql96, postgresql10 and postgresql12 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25730
    P
    		Security update for glibc (Important)
    2020-12-01
    oval:org.opensuse.security:def:100160
    P
    		Security update for pdns (Important)
    2019-08-15
    oval:org.opensuse.security:def:109940
    P
    		Security update for pdns (Important)
    2019-08-15
    oval:com.ubuntu.bionic:def:2019101630000000
    V
    		CVE-2019-10163 on Ubuntu 18.04 LTS (bionic) - medium.
    2019-07-30
    oval:com.ubuntu.xenial:def:2019101630000000
    V
    		CVE-2019-10163 on Ubuntu 16.04 LTS (xenial) - medium.
    2019-07-30
    oval:com.ubuntu.disco:def:2019101630000000
    V
    		CVE-2019-10163 on Ubuntu 19.04 (disco) - medium.
    2019-07-30
    oval:com.ubuntu.cosmic:def:2019101630000000
    V
    		CVE-2019-10163 on Ubuntu 18.10 (cosmic) - medium.
    2019-06-21
    BACK
    powerdns authoritative 4.1.6
    powerdns authoritative 4.1.8
    powerdns authoritative 4.1.7
    powerdns authoritative 4.1.5