{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T19:12:34.275","vulnerabilities":[{"cve":{"id":"CVE-2019-3807","sourceIdentifier":"secalert@redhat.com","published":"2019-01-29T17:29:00.350","lastModified":"2024-11-21T04:42:34.870","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue has been found in PowerDNS Recursor versions 4.1.x before 4.1.9 where records in the answer section of responses received from authoritative servers with the AA flag not set were not properly validated, allowing an attacker to bypass DNSSEC validation."},{"lang":"es","value":"Se ha encontrado un problema en PowerDNS Recursor, en versiones 4.1.x anteriores a la 4.1.9, en el que los registros en la sección \"answers\" de las respuestas recibidas desde servidores autoritativos sin el flag AA no se validaban correctamente, lo que permite que un atacante omita la validación DNSSEC."}],"metrics":{"cvssMetricV30":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N","baseScore":3.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:N","baseScore":6.4,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-345"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*","versionStartIncluding":"4.1.0","versionEndIncluding":"4.1.8","matchCriteriaId":"EFFE6AED-480B-4A19-9DD9-C8445ADBBC90"}]}]}],"references":[{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3807","source":"secalert@redhat.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2019-02.html","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3807","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2019-02.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}