CVE-2025-30189: Improper Preservation of Consistency Between Independent Representations of Shared State in Open-Xchange GmbH OX Dovecot Pro
When the cache is enabled, some passdb/userdb drivers incorrectly cache all users under the same cache key, causing the wrong cached information to be used for these users. After a cached login, all subsequent logins are treated as the same user. Install the fixed version, or disable caching either globally or for the impacted passdb/userdb drivers. No publicly available exploits are known.
AI Analysis
Technical Summary
CVE-2025-30189 is a vulnerability in Open-Xchange GmbH's OX Dovecot Pro mail server software. The issue arises when caching is enabled for passdb/userdb drivers, the components that verify passwords and look up user account information. Because consistency between independent representations of shared state is not preserved, multiple users are cached under the same cache key. The system then serves one user's cached login information to other users, so that subsequent logins are effectively authenticated as the same user. This can lead to unauthorized access: a user may reach another user's mailbox or data without holding that user's credentials. The vulnerability requires no privileges or user interaction to exploit, but the attack complexity is rated high, likely because specific caching conditions must be triggered. The impact is on confidentiality and integrity, since unauthorized access exposes sensitive information and allows potential data manipulation; availability is not affected. No public exploits are currently known, but the vulnerability carries a CVSS 3.1 score of 7.4 (high severity). Mitigation options are to install a fixed version of OX Dovecot Pro or to disable caching, either globally or specifically for the affected passdb/userdb drivers, so that the incorrect caching behavior cannot occur.
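To make the failure mode concrete, here is an added illustrative model of a userdb lookup cache; it is not OX Dovecot Pro code, and the backend table, key functions and `check_owner` consistency check are constructed for the example. It shows how a shared cache key binds every later session to the first cached user, and how keying per user (or validating the cached identity on a hit) prevents it.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict

# Constructed userdb backend (hypothetical, not Dovecot's): user -> home directory.
USERDB = {"alice": "/var/mail/alice", "bob": "/var/mail/bob"}


@dataclass
class Entry:
    user: str   # identity the entry was computed for
    home: str


@dataclass
class UserdbCache:
    key_fn: Callable[[str], str]          # how the driver derives its cache key
    check_owner: bool = False             # consistency check on every cache hit
    store: Dict[str, Entry] = field(default_factory=dict)
    mismatches: int = 0                   # hits that pointed at another user

    def lookup(self, user: str) -> Entry:
        key = self.key_fn(user)
        entry = self.store.get(key)
        if entry is not None and self.check_owner and entry.user != user:
            # Cached state belongs to a different identity: discard it rather
            # than serve it, and count the event so monitoring can see it.
            self.mismatches += 1
            entry = None
        if entry is None:
            entry = Entry(user, USERDB[user])
            self.store[key] = entry
        return entry


def login(cache: UserdbCache, user: str) -> str:
    """Return the mailbox a session for `user` would be attached to."""
    return cache.lookup(user).home


def run(key_fn: Callable[[str], str], check_owner: bool = False):
    """Log in alice, then bob twice; report the mailboxes served and mismatches."""
    cache = UserdbCache(key_fn, check_owner)
    return [login(cache, u) for u in ("alice", "bob", "bob")], cache.mismatches


def shared_key(user: str) -> str:
    return "userdb"               # buggy: same key for every user


def per_user_key(user: str) -> str:
    return f"userdb:{user}"       # fixed: the user is part of the key
```

With `shared_key`, every login after alice's is served alice's mailbox; with `per_user_key`, or with `check_owner=True` on the buggy key, each user gets their own.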
Potential Impact
For European organizations, this vulnerability poses a significant risk to the confidentiality and integrity of email communications and stored data. Organizations relying on OX Dovecot Pro for mail services may experience unauthorized access incidents where attackers or legitimate users could gain access to other users' mailboxes, leading to data breaches, leakage of sensitive information, and potential compliance violations under GDPR. The flaw could undermine trust in organizational email infrastructure and cause operational disruptions due to investigation and remediation efforts. Since availability is not affected, service disruption is unlikely, but the breach of confidentiality and integrity can have severe reputational and legal consequences. Organizations in sectors such as finance, government, healthcare, and critical infrastructure in Europe, where secure email communication is essential, are particularly vulnerable. The lack of public exploits reduces immediate risk but does not eliminate the threat, especially if attackers develop exploits in the future.
Mitigation Recommendations
European organizations should prioritize upgrading to the fixed version of OX Dovecot Pro as soon as it becomes available from Open-Xchange GmbH. Until patches are applied, administrators should disable caching globally or at least for the impacted passdb/userdb drivers to prevent the incorrect caching behavior. It is critical to audit current caching configurations and verify that no shared cache keys are used across different users. Implement strict access controls and monitoring on mail server authentication logs to detect anomalous login patterns that may indicate exploitation attempts. Additionally, organizations should conduct internal penetration testing and vulnerability assessments focused on authentication mechanisms in OX Dovecot Pro deployments. Regularly review and update incident response plans to address potential unauthorized access incidents. Finally, ensure that all user credentials are managed securely and consider multi-factor authentication to add an additional layer of protection.
Affected Countries
Germany, United Kingdom, France, Netherlands, Sweden, Switzerland
Technical Details
- Data Version: 5.2
- Assigner Short Name: OX
- Date Reserved: 2025-03-18T08:39:46.884Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 69048024189d660333d32ad2
Added to database: 10/31/2025, 9:23:48 AM
Last enriched: 10/31/2025, 9:38:38 AM
Last updated: 10/31/2025, 4:09:44 PM