{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T14:58:26.497","vulnerabilities":[{"cve":{"id":"CVE-2025-30192","sourceIdentifier":"security@open-xchange.com","published":"2025-07-21T13:15:26.740","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"An attacker spoofing answers to ECS enabled requests sent out by the Recursor has a chance of success higher than non-ECS enabled queries.\n\nThe updated version include various mitigations against spoofing attempts of ECS enabled queries by chaining ECS enabled requests and enforcing stricter validation of the received answers.\n\nThe most strict mitigation done when the new setting outgoing.edns_subnet_harden (old style name edns-subnet-harden) is enabled."},{"lang":"es","value":"Un atacante que suplante las respuestas a las solicitudes con ECS habilitadas enviadas por el Recursor tiene mayor probabilidad de éxito que las consultas sin ECS habilitadas. La versión actualizada incluye varias mitigaciones contra intentos de suplantación de consultas con ECS habilitadas mediante el encadenamiento de solicitudes con ECS habilitadas y una validación más estricta de las respuestas recibidas. La mitigación más estricta se realiza cuando se habilita la nueva configuración outgoing.edns_subnet_harden (antiguamente edns-subnet-harden)."}],"metrics":{"cvssMetricV31":[{"source":"security@open-xchange.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security@open-xchange.com","type":"Secondary","description":[{"lang":"en","value":"CWE-345"}]}],"references":[{"url":"https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2025-04.html","source":"security@open-xchange.com"}]}}]}