cvelistv5 - cve-2023-26431

CVE-2023-26431 (GCVE-0-2023-26431)

Vulnerability from cvelistv5

Published

2023-06-20 07:51

Modified

2024-08-02 11:46

Severity ?

5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

CWE

CWE-918 - Server-Side Request Forgery (SSRF)

Summary

IPv4-mapped IPv6 addresses did not get recognized as "local" by the code and a connection attempt is made. Attackers with access to user accounts could use this to bypass existing deny-list functionality and trigger requests to restricted network infrastructure to gain insight about topology and running services. We now respect possible IPV4-mapped IPv6 addresses when checking if contained in a deny-list. No publicly available exploits are known.

References

URL

	Vendor	Product	Version
	OX Software GmbH	OX App Suite	Version: 0 ≤ 7.10.6-rev39 Version: 0 ≤ 8.10

OXAS-ADV-2023-0002

Vulnerability from csaf_ox

Published

2023-03-20 00:00

Modified

2024-01-22 00:00

Summary

OX App Suite Security Advisory OXAS-ADV-2023-0002

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "HIGH"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "lang": "en-US",
    "publisher": {
      "category": "vendor",
      "name": "Open-Xchange GmbH",
      "namespace": "https://open-xchange.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Release Notes",
        "url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf"
      },
      {
        "category": "self",
        "summary": "Canonical CSAF document",
        "url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0002.json"
      },
      {
        "category": "self",
        "summary": "Markdown representation",
        "url": "https://documentation.open-xchange.com/appsuite/security/advisories/md/2023/oxas-adv-2023-0002.md"
      },
      {
        "category": "self",
        "summary": "HTML representation",
        "url": "https://documentation.open-xchange.com/appsuite/security/advisories/html/2023/oxas-adv-2023-0002.html"
      },
      {
        "category": "self",
        "summary": "Plain-text representation",
        "url": "https://documentation.open-xchange.com/appsuite/security/advisories/txt/2023/oxas-adv-2023-0002.txt"
      }
    ],
    "title": "OX App Suite Security Advisory OXAS-ADV-2023-0002",
    "tracking": {
      "current_release_date": "2024-01-22T00:00:00+00:00",
      "generator": {
        "date": "2024-01-22T13:14:18+00:00",
        "engine": {
          "name": "OX CSAF",
          "version": "1.0.0"
        }
      },
      "id": "OXAS-ADV-2023-0002",
      "initial_release_date": "2023-03-20T00:00:00+01:00",
      "revision_history": [
        {
          "date": "2023-03-20T00:00:00+01:00",
          "number": "1",
          "summary": "Initial release"
        },
        {
          "date": "2024-01-22T00:00:00+00:00",
          "number": "2",
          "summary": "Public release"
        },
        {
          "date": "2024-01-22T00:00:00+00:00",
          "number": "3",
          "summary": "Public release"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "7.10.6-rev39",
                "product": {
                  "name": "OX App Suite backend 7.10.6-rev39",
                  "product_id": "OXAS-BACKEND_7.10.6-rev39",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:7.10.6:rev39:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.10.6-rev40",
                "product": {
                  "name": "OX App Suite backend 7.10.6-rev40",
                  "product_id": "OXAS-BACKEND_7.10.6-rev40",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:7.10.6:rev40:*:*:*:*:*:*",
                    "x_generic_uris": [
                      {
                        "namespace": "https://documentation.open-xchange.com/appsuite/security/advisories/#urn-parsing",
                        "uri": "urn:open-xchange:app_suite:patch-id:6219"
                      }
                    ]
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.9",
                "product": {
                  "name": "OX App Suite backend 8.9",
                  "product_id": "OXAS-BACKEND_8.9",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:8.9:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.10",
                "product": {
                  "name": "OX App Suite backend 8.10",
                  "product_id": "OXAS-BACKEND_8.10",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:8.10:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.11",
                "product": {
                  "name": "OX App Suite backend 8.11",
                  "product_id": "OXAS-BACKEND_8.11",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:8.11:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.6.3-rev67",
                "product": {
                  "name": "OX App Suite backend 7.6.3-rev67",
                  "product_id": "OXAS-BACKEND_7.6.3-rev67",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:7.6.3:rev67:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.6.3-rev68",
                "product": {
                  "name": "OX App Suite backend 7.6.3-rev68",
                  "product_id": "OXAS-BACKEND_7.6.3-rev68",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:7.6.3:rev68:*:*:*:*:*:*",
                    "x_generic_uris": [
                      {
                        "namespace": "https://documentation.open-xchange.com/appsuite/security/advisories/#urn-parsing",
                        "uri": "urn:open-xchange:app_suite:patch-id:6219"
                      }
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "OX App Suite backend"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "7.10.6-rev7",
                "product": {
                  "name": "OX App Suite office 7.10.6-rev7",
                  "product_id": "OXAS-OFFICE_7.10.6-rev7",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:office:7.10.6:rev7:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.10.6-rev8",
                "product": {
                  "name": "OX App Suite office 7.10.6-rev8",
                  "product_id": "OXAS-OFFICE_7.10.6-rev8",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:office:7.10.6:rev8:*:*:*:*:*:*",
                    "x_generic_uris": [
                      {
                        "namespace": "https://documentation.open-xchange.com/appsuite/security/advisories/#urn-parsing",
                        "uri": "urn:open-xchange:app_suite:patch-id:6219"
                      }
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "OX App Suite office"
          }
        ],
        "category": "vendor",
        "name": "Open-Xchange GmbH"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-26427",
      "cwe": {
        "id": "CWE-922",
        "name": "Insecure Storage of Sensitive Information"
      },
      "discovery_date": "2023-01-09T12:42:20+01:00",
      "ids": [
        {
          "system_name": "OX Bug",
          "text": "MWB-1994"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Default permissions for a properties file were too permissive."
        }
      ],
      "product_status": {
        "first_fixed": [
          "OXAS-BACKEND_7.10.6-rev40"
        ],
        "last_affected": [
          "OXAS-BACKEND_7.10.6-rev39"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-10T14:04:58+01:00",
          "details": "Please deploy the provided updates and patch releases. We updated the default permissions for noreply.properties set during package installation.",
          "product_ids": [
            "OXAS-BACKEND_7.10.6-rev39"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.2,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "OXAS-BACKEND_7.10.6-rev39"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Local system users could read potentially sensitive information."
        },
        {
          "category": "exploit_status",
          "details": "No publicly available exploits are known."
        }
      ],
      "title": "Weak default permissions for noreply.properties"
    },
    {
      "cve": "CVE-2023-26428",
      "cwe": {
        "id": "CWE-639",
        "name": "Authorization Bypass Through User-Controlled Key"
      },
      "discovery_date": "2023-01-17T10:35:20+01:00",
      "ids": [
        {
          "system_name": "OX Bug",
          "text": "MWB-2008"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Attackers can successfully request arbitrary snippet IDs, including E-Mail signatures of other users within the same context."
        }
      ],
      "product_status": {
        "first_fixed": [
          "OXAS-BACKEND_7.10.6-rev40",
          "OXAS-BACKEND_8.10"
        ],
        "last_affected": [
          "OXAS-BACKEND_7.10.6-rev39",
          "OXAS-BACKEND_8.9"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-10T15:18:51+01:00",
          "details": "Please deploy the provided updates and patch releases. We improved permission handling when requesting snippets that are not explicitly shared with other users.",
          "product_ids": [
            "OXAS-BACKEND_7.10.6-rev39",
            "OXAS-BACKEND_8.9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "OXAS-BACKEND_7.10.6-rev39",
            "OXAS-BACKEND_8.9"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Signatures of other users could be read even though they are not explicitly shared."
        },
        {
          "category": "exploit_status",
          "details": "No publicly available exploits are known."
        }
      ],
      "title": "Access to other users signatures is not checked"
    },
    {
      "cve": "CVE-2023-26429",
      "cwe": {
        "id": "CWE-77",
        "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
      },
      "discovery_date": "2023-01-23T09:51:11+01:00",
      "ids": [
        {
          "system_name": "OX Bug",
          "text": "MWB-2019"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Control characters were not removed when exporting user feedback content."
        }
      ],
      "product_status": {
        "first_fixed": [
          "OXAS-BACKEND_7.10.6-rev40",
          "OXAS-BACKEND_8.11"
        ],
        "last_affected": [
          "OXAS-BACKEND_7.10.6-rev39",
          "OXAS-BACKEND_8.10"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-09T09:02:59+01:00",
          "details": "Please deploy the provided updates and patch releases. We now drop all control characters that are not whitespace character during the export.",
          "product_ids": [
            "OXAS-BACKEND_7.10.6-rev39",
            "OXAS-BACKEND_8.10"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.5,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "OXAS-BACKEND_7.10.6-rev39",
            "OXAS-BACKEND_8.10"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "This allowed attackers to include unexpected content via user feedback and potentially break the exported data structure."
        },
        {
          "category": "exploit_status",
          "details": "No publicly available exploits are known."
        }
      ],
      "title": "User-feedback not sanitized for control characters"
    },
    {
      "cve": "CVE-2023-26431",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "discovery_date": "2023-02-07T11:29:36+01:00",
      "ids": [
        {
          "system_name": "OX Bug",
          "text": "MWB-2038"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "IPv4-mapped IPv6 addresses did not get recognized as \"local\" by the code and a connection attempt is made."
        }
      ],
      "product_status": {
        "first_fixed": [
          "OXAS-BACKEND_7.10.6-rev40",
          "OXAS-BACKEND_8.11"
        ],
        "last_affected": [
          "OXAS-BACKEND_7.10.6-rev39",
          "OXAS-BACKEND_8.10"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-16T13:14:51+01:00",
          "details": "Please deploy the provided updates and patch releases. We now respect possible IPV4-mapped IPv6 addresses when checking if contained in a deny-list.",
          "product_ids": [
            "OXAS-BACKEND_7.10.6-rev39",
            "OXAS-BACKEND_8.10"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "OXAS-BACKEND_7.10.6-rev39",
            "OXAS-BACKEND_8.10"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Attackers with access to user accounts could use this to bypass existing deny-list functionality and trigger requests to restricted network infrastructure to gain insight about topology and running services."
        },
        {
          "category": "exploit_status",
          "details": "No publicly available exploits are known."
        }
      ],
      "title": "SSRF through bypassing denylists via IPV4-mapped IPv6 addresses"
    },
    {
      "cve": "CVE-2023-26432",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-02-13T10:00:20+01:00",
      "ids": [
        {
          "system_name": "OX Bug",
          "text": "MWB-2046"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "When adding an external mail account, processing of SMTP \"capabilities\" responses are not limited to plausible sizes."
        }
      ],
      "product_status": {
        "first_fixed": [
          "OXAS-BACKEND_7.10.6-rev40",
          "OXAS-BACKEND_7.6.3-rev68",
          "OXAS-BACKEND_8.11"
        ],
        "last_affected": [
          "OXAS-BACKEND_7.10.6-rev39",
          "OXAS-BACKEND_7.6.3-rev67",
          "OXAS-BACKEND_8.10"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-13T09:40:08+01:00",
          "details": "Please deploy the provided updates and patch releases. We now limit accepted SMTP server response to reasonable length/size.",
          "product_ids": [
            "OXAS-BACKEND_7.10.6-rev39",
            "OXAS-BACKEND_7.6.3-rev67",
            "OXAS-BACKEND_8.10"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "OXAS-BACKEND_7.10.6-rev39",
            "OXAS-BACKEND_7.6.3-rev67",
            "OXAS-BACKEND_8.10"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Attacker with access to a rogue SMTP service could trigger requests that lead to excessive resource usage and eventually service unavailability."
        },
        {
          "category": "exploit_status",
          "details": "No publicly available exploits are known."
        }
      ],
      "title": "SMTP capabilities allow excessive memory usage"
    },
    {
      "cve": "CVE-2023-26433",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-02-13T10:02:56+01:00",
      "ids": [
        {
          "system_name": "OX Bug",
          "text": "MWB-2047"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "When adding an external mail account, processing of IMAP \"capabilities\" responses are not limited to plausible sizes."
        }
      ],
      "product_status": {
        "first_fixed": [
          "OXAS-BACKEND_7.10.6-rev40",
          "OXAS-BACKEND_7.6.3-rev68",
          "OXAS-BACKEND_8.11"
        ],
        "last_affected": [
          "OXAS-BACKEND_7.10.6-rev39",
          "OXAS-BACKEND_7.6.3-rev67",
          "OXAS-BACKEND_8.10"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-13T10:16:14+01:00",
          "details": "Please deploy the provided updates and patch releases. We now limit accepted IMAP server response to reasonable length/size.",
          "product_ids": [
            "OXAS-BACKEND_7.10.6-rev39",
            "OXAS-BACKEND_7.6.3-rev67",
            "OXAS-BACKEND_8.10"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "OXAS-BACKEND_7.10.6-rev39",
            "OXAS-BACKEND_7.6.3-rev67",
            "OXAS-BACKEND_8.10"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Attacker with access to a rogue IMAP service could trigger requests that lead to excessive resource usage and eventually service unavailability."
        },
        {
          "category": "exploit_status",
          "details": "No publicly available exploits are known."
        }
      ],
      "title": "IMAP capabilities allow excessive memory usage"
    },
    {
      "cve": "CVE-2023-26434",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-02-13T10:03:53+01:00",
      "ids": [
        {
          "system_name": "OX Bug",
          "text": "MWB-2048"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "When adding an external mail account, processing of POP3 \"capabilities\" responses are not limited to plausible sizes."
        }
      ],
      "product_status": {
        "first_fixed": [
          "OXAS-BACKEND_7.10.6-rev40",
          "OXAS-BACKEND_7.6.3-rev68",
          "OXAS-BACKEND_8.11"
        ],
        "last_affected": [
          "OXAS-BACKEND_7.10.6-rev39",
          "OXAS-BACKEND_7.6.3-rev67",
          "OXAS-BACKEND_8.10"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-13T09:56:43+01:00",
          "details": "Please deploy the provided updates and patch releases. We now limit accepted POP3 server response to reasonable length/size.",
          "product_ids": [
            "OXAS-BACKEND_7.10.6-rev39",
            "OXAS-BACKEND_7.6.3-rev67",
            "OXAS-BACKEND_8.10"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "OXAS-BACKEND_7.10.6-rev39",
            "OXAS-BACKEND_7.6.3-rev67",
            "OXAS-BACKEND_8.10"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Attacker with access to a rogue POP3 service could trigger requests that lead to excessive resource usage and eventually service unavailability."
        },
        {
          "category": "exploit_status",
          "details": "No publicly available exploits are known."
        }
      ],
      "title": "POP3 capabilities allow excessive memory usage"
    },
    {
      "cve": "CVE-2023-26435",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "discovery_date": "2023-01-09T17:41:14+01:00",
      "ids": [
        {
          "system_name": "OX Bug",
          "text": "DOCS-4662"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was possible to call filesystem and network references using the local LibreOffice instance using manipulated ODT documents."
        }
      ],
      "product_status": {
        "first_fixed": [
          "OXAS-OFFICE_7.10.6-rev8"
        ],
        "last_affected": [
          "OXAS-OFFICE_7.10.6-rev7"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-13T13:38:29+01:00",
          "details": "Please deploy the provided updates and patch releases. We have improved existing content filters and validators to avoid including any local resources.",
          "product_ids": [
            "OXAS-OFFICE_7.10.6-rev7"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "OXAS-OFFICE_7.10.6-rev7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Attackers could discover restricted network topology and services as well as including local files with read permissions of the open-xchange system user. This was limited to specific file-types, like images."
        },
        {
          "category": "exploit_status",
          "details": "No publicly available exploits are known."
        }
      ],
      "title": "SSRF using ODT files and \"draw\" XML fragments"
    },
    {
      "cve": "CVE-2023-26436",
      "cwe": {
        "id": "CWE-94",
        "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
      },
      "discovery_date": "2023-02-03T15:30:42+01:00",
      "ids": [
        {
          "system_name": "OX Bug",
          "text": "DOCS-4701"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Attackers with access to the \"documentconverterws\" API were able to inject serialized Java objects, that were not properly checked during deserialization. Access to this API endpoint is restricted to local networks by default."
        }
      ],
      "product_status": {
        "first_fixed": [
          "OXAS-OFFICE_7.10.6-rev8"
        ],
        "last_affected": [
          "OXAS-OFFICE_7.10.6-rev7"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-13T14:28:56+01:00",
          "details": "Please deploy the provided updates and patch releases. A check has been introduced to restrict processing of legal and expected classes for this API. We now log a warning in case there are attempts to inject illegal classes.",
          "product_ids": [
            "OXAS-OFFICE_7.10.6-rev7"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "OXAS-OFFICE_7.10.6-rev7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Arbitrary code could be injected that is being executed when processing the request."
        },
        {
          "category": "exploit_status",
          "details": "No publicly available exploits are known."
        }
      ],
      "title": "Insecure Deserialization on documentconverterws API lead to Remote Code Execution"
    }
  ]
}

oxas-adv-2023-0002

Vulnerability from csaf_ox

Published

2023-03-20 00:00

Modified

2024-01-22 00:00

Summary

OX App Suite Security Advisory OXAS-ADV-2023-0002

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "HIGH"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "lang": "en-US",
    "publisher": {
      "category": "vendor",
      "name": "Open-Xchange GmbH",
      "namespace": "https://open-xchange.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Release Notes",
        "url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf"
      },
      {
        "category": "self",
        "summary": "Canonical CSAF document",
        "url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0002.json"
      },
      {
        "category": "self",
        "summary": "Markdown representation",
        "url": "https://documentation.open-xchange.com/appsuite/security/advisories/md/2023/oxas-adv-2023-0002.md"
      },
      {
        "category": "self",
        "summary": "HTML representation",
        "url": "https://documentation.open-xchange.com/appsuite/security/advisories/html/2023/oxas-adv-2023-0002.html"
      },
      {
        "category": "self",
        "summary": "Plain-text representation",
        "url": "https://documentation.open-xchange.com/appsuite/security/advisories/txt/2023/oxas-adv-2023-0002.txt"
      }
    ],
    "title": "OX App Suite Security Advisory OXAS-ADV-2023-0002",
    "tracking": {
      "current_release_date": "2024-01-22T00:00:00+00:00",
      "generator": {
        "date": "2024-01-22T13:14:18+00:00",
        "engine": {
          "name": "OX CSAF",
          "version": "1.0.0"
        }
      },
      "id": "OXAS-ADV-2023-0002",
      "initial_release_date": "2023-03-20T00:00:00+01:00",
      "revision_history": [
        {
          "date": "2023-03-20T00:00:00+01:00",
          "number": "1",
          "summary": "Initial release"
        },
        {
          "date": "2024-01-22T00:00:00+00:00",
          "number": "2",
          "summary": "Public release"
        },
        {
          "date": "2024-01-22T00:00:00+00:00",
          "number": "3",
          "summary": "Public release"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "7.10.6-rev39",
                "product": {
                  "name": "OX App Suite backend 7.10.6-rev39",
                  "product_id": "OXAS-BACKEND_7.10.6-rev39",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:7.10.6:rev39:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.10.6-rev40",
                "product": {
                  "name": "OX App Suite backend 7.10.6-rev40",
                  "product_id": "OXAS-BACKEND_7.10.6-rev40",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:7.10.6:rev40:*:*:*:*:*:*",
                    "x_generic_uris": [
                      {
                        "namespace": "https://documentation.open-xchange.com/appsuite/security/advisories/#urn-parsing",
                        "uri": "urn:open-xchange:app_suite:patch-id:6219"
                      }
                    ]
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.9",
                "product": {
                  "name": "OX App Suite backend 8.9",
                  "product_id": "OXAS-BACKEND_8.9",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:8.9:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.10",
                "product": {
                  "name": "OX App Suite backend 8.10",
                  "product_id": "OXAS-BACKEND_8.10",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:8.10:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.11",
                "product": {
                  "name": "OX App Suite backend 8.11",
                  "product_id": "OXAS-BACKEND_8.11",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:8.11:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.6.3-rev67",
                "product": {
                  "name": "OX App Suite backend 7.6.3-rev67",
                  "product_id": "OXAS-BACKEND_7.6.3-rev67",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:7.6.3:rev67:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.6.3-rev68",
                "product": {
                  "name": "OX App Suite backend 7.6.3-rev68",
                  "product_id": "OXAS-BACKEND_7.6.3-rev68",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:7.6.3:rev68:*:*:*:*:*:*",
                    "x_generic_uris": [
                      {
                        "namespace": "https://documentation.open-xchange.com/appsuite/security/advisories/#urn-parsing",
                        "uri": "urn:open-xchange:app_suite:patch-id:6219"
                      }
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "OX App Suite backend"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "7.10.6-rev7",
                "product": {
                  "name": "OX App Suite office 7.10.6-rev7",
                  "product_id": "OXAS-OFFICE_7.10.6-rev7",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:office:7.10.6:rev7:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.10.6-rev8",
                "product": {
                  "name": "OX App Suite office 7.10.6-rev8",
                  "product_id": "OXAS-OFFICE_7.10.6-rev8",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:office:7.10.6:rev8:*:*:*:*:*:*",
                    "x_generic_uris": [
                      {
                        "namespace": "https://documentation.open-xchange.com/appsuite/security/advisories/#urn-parsing",
                        "uri": "urn:open-xchange:app_suite:patch-id:6219"
                      }
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "OX App Suite office"
          }
        ],
        "category": "vendor",
        "name": "Open-Xchange GmbH"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-26427",
      "cwe": {
        "id": "CWE-922",
        "name": "Insecure Storage of Sensitive Information"
      },
      "discovery_date": "2023-01-09T12:42:20+01:00",
      "ids": [
        {
          "system_name": "OX Bug",
          "text": "MWB-1994"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Default permissions for a properties file were too permissive."
        }
      ],
      "product_status": {
        "first_fixed": [
          "OXAS-BACKEND_7.10.6-rev40"
        ],
        "last_affected": [
          "OXAS-BACKEND_7.10.6-rev39"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-10T14:04:58+01:00",
          "details": "Please deploy the provided updates and patch releases. We updated the default permissions for noreply.properties set during package installation.",
          "product_ids": [
            "OXAS-BACKEND_7.10.6-rev39"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.2,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "OXAS-BACKEND_7.10.6-rev39"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Local system users could read potentially sensitive information."
        },
        {
          "category": "exploit_status",
          "details": "No publicly available exploits are known."
        }
      ],
      "title": "Weak default permissions for noreply.properties"
    },
    {
      "cve": "CVE-2023-26428",
      "cwe": {
        "id": "CWE-639",
        "name": "Authorization Bypass Through User-Controlled Key"
      },
      "discovery_date": "2023-01-17T10:35:20+01:00",
      "ids": [
        {
          "system_name": "OX Bug",
          "text": "MWB-2008"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Attackers can successfully request arbitrary snippet IDs, including E-Mail signatures of other users within the same context."
        }
      ],
      "product_status": {
        "first_fixed": [
          "OXAS-BACKEND_7.10.6-rev40",
          "OXAS-BACKEND_8.10"
        ],
        "last_affected": [
          "OXAS-BACKEND_7.10.6-rev39",
          "OXAS-BACKEND_8.9"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-10T15:18:51+01:00",
          "details": "Please deploy the provided updates and patch releases. We improved permission handling when requesting snippets that are not explicitly shared with other users.",
          "product_ids": [
            "OXAS-BACKEND_7.10.6-rev39",
            "OXAS-BACKEND_8.9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "OXAS-BACKEND_7.10.6-rev39",
            "OXAS-BACKEND_8.9"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Signatures of other users could be read even though they are not explicitly shared."
        },
        {
          "category": "exploit_status",
          "details": "No publicly available exploits are known."
        }
      ],
      "title": "Access to other users signatures is not checked"
    },
    {
      "cve": "CVE-2023-26429",
      "cwe": {
        "id": "CWE-77",
        "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
      },
      "discovery_date": "2023-01-23T09:51:11+01:00",
      "ids": [
        {
          "system_name": "OX Bug",
          "text": "MWB-2019"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Control characters were not removed when exporting user feedback content."
        }
      ],
      "product_status": {
        "first_fixed": [
          "OXAS-BACKEND_7.10.6-rev40",
          "OXAS-BACKEND_8.11"
        ],
        "last_affected": [
          "OXAS-BACKEND_7.10.6-rev39",
          "OXAS-BACKEND_8.10"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-09T09:02:59+01:00",
          "details": "Please deploy the provided updates and patch releases. We now drop all control characters that are not whitespace character during the export.",
          "product_ids": [
            "OXAS-BACKEND_7.10.6-rev39",
            "OXAS-BACKEND_8.10"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.5,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "OXAS-BACKEND_7.10.6-rev39",
            "OXAS-BACKEND_8.10"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "This allowed attackers to include unexpected content via user feedback and potentially break the exported data structure."
        },
        {
          "category": "exploit_status",
          "details": "No publicly available exploits are known."
        }
      ],
      "title": "User-feedback not sanitized for control characters"
    },
    {
      "cve": "CVE-2023-26431",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "discovery_date": "2023-02-07T11:29:36+01:00",
      "ids": [
        {
          "system_name": "OX Bug",
          "text": "MWB-2038"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "IPv4-mapped IPv6 addresses did not get recognized as \"local\" by the code and a connection attempt is made."
        }
      ],
      "product_status": {
        "first_fixed": [
          "OXAS-BACKEND_7.10.6-rev40",
          "OXAS-BACKEND_8.11"
        ],
        "last_affected": [
          "OXAS-BACKEND_7.10.6-rev39",
          "OXAS-BACKEND_8.10"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-16T13:14:51+01:00",
          "details": "Please deploy the provided updates and patch releases. We now respect possible IPV4-mapped IPv6 addresses when checking if contained in a deny-list.",
          "product_ids": [
            "OXAS-BACKEND_7.10.6-rev39",
            "OXAS-BACKEND_8.10"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "OXAS-BACKEND_7.10.6-rev39",
            "OXAS-BACKEND_8.10"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Attackers with access to user accounts could use this to bypass existing deny-list functionality and trigger requests to restricted network infrastructure to gain insight about topology and running services."
        },
        {
          "category": "exploit_status",
          "details": "No publicly available exploits are known."
        }
      ],
      "title": "SSRF through bypassing denylists via IPV4-mapped IPv6 addresses"
    },
    {
      "cve": "CVE-2023-26432",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-02-13T10:00:20+01:00",
      "ids": [
        {
          "system_name": "OX Bug",
          "text": "MWB-2046"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "When adding an external mail account, processing of SMTP \"capabilities\" responses are not limited to plausible sizes."
        }
      ],
      "product_status": {
        "first_fixed": [
          "OXAS-BACKEND_7.10.6-rev40",
          "OXAS-BACKEND_7.6.3-rev68",
          "OXAS-BACKEND_8.11"
        ],
        "last_affected": [
          "OXAS-BACKEND_7.10.6-rev39",
          "OXAS-BACKEND_7.6.3-rev67",
          "OXAS-BACKEND_8.10"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-13T09:40:08+01:00",
          "details": "Please deploy the provided updates and patch releases. We now limit accepted SMTP server response to reasonable length/size.",
          "product_ids": [
            "OXAS-BACKEND_7.10.6-rev39",
            "OXAS-BACKEND_7.6.3-rev67",
            "OXAS-BACKEND_8.10"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "OXAS-BACKEND_7.10.6-rev39",
            "OXAS-BACKEND_7.6.3-rev67",
            "OXAS-BACKEND_8.10"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Attacker with access to a rogue SMTP service could trigger requests that lead to excessive resource usage and eventually service unavailability."
        },
        {
          "category": "exploit_status",
          "details": "No publicly available exploits are known."
        }
      ],
      "title": "SMTP capabilities allow excessive memory usage"
    },
    {
      "cve": "CVE-2023-26433",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-02-13T10:02:56+01:00",
      "ids": [
        {
          "system_name": "OX Bug",
          "text": "MWB-2047"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "When adding an external mail account, processing of IMAP \"capabilities\" responses are not limited to plausible sizes."
        }
      ],
      "product_status": {
        "first_fixed": [
          "OXAS-BACKEND_7.10.6-rev40",
          "OXAS-BACKEND_7.6.3-rev68",
          "OXAS-BACKEND_8.11"
        ],
        "last_affected": [
          "OXAS-BACKEND_7.10.6-rev39",
          "OXAS-BACKEND_7.6.3-rev67",
          "OXAS-BACKEND_8.10"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-13T10:16:14+01:00",
          "details": "Please deploy the provided updates and patch releases. We now limit accepted IMAP server response to reasonable length/size.",
          "product_ids": [
            "OXAS-BACKEND_7.10.6-rev39",
            "OXAS-BACKEND_7.6.3-rev67",
            "OXAS-BACKEND_8.10"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "OXAS-BACKEND_7.10.6-rev39",
            "OXAS-BACKEND_7.6.3-rev67",
            "OXAS-BACKEND_8.10"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Attacker with access to a rogue IMAP service could trigger requests that lead to excessive resource usage and eventually service unavailability."
        },
        {
          "category": "exploit_status",
          "details": "No publicly available exploits are known."
        }
      ],
      "title": "IMAP capabilities allow excessive memory usage"
    },
    {
      "cve": "CVE-2023-26434",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-02-13T10:03:53+01:00",
      "ids": [
        {
          "system_name": "OX Bug",
          "text": "MWB-2048"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "When adding an external mail account, processing of POP3 \"capabilities\" responses are not limited to plausible sizes."
        }
      ],
      "product_status": {
        "first_fixed": [
          "OXAS-BACKEND_7.10.6-rev40",
          "OXAS-BACKEND_7.6.3-rev68",
          "OXAS-BACKEND_8.11"
        ],
        "last_affected": [
          "OXAS-BACKEND_7.10.6-rev39",
          "OXAS-BACKEND_7.6.3-rev67",
          "OXAS-BACKEND_8.10"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-13T09:56:43+01:00",
          "details": "Please deploy the provided updates and patch releases. We now limit accepted POP3 server response to reasonable length/size.",
          "product_ids": [
            "OXAS-BACKEND_7.10.6-rev39",
            "OXAS-BACKEND_7.6.3-rev67",
            "OXAS-BACKEND_8.10"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "OXAS-BACKEND_7.10.6-rev39",
            "OXAS-BACKEND_7.6.3-rev67",
            "OXAS-BACKEND_8.10"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Attacker with access to a rogue POP3 service could trigger requests that lead to excessive resource usage and eventually service unavailability."
        },
        {
          "category": "exploit_status",
          "details": "No publicly available exploits are known."
        }
      ],
      "title": "POP3 capabilities allow excessive memory usage"
    },
    {
      "cve": "CVE-2023-26435",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "discovery_date": "2023-01-09T17:41:14+01:00",
      "ids": [
        {
          "system_name": "OX Bug",
          "text": "DOCS-4662"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was possible to call filesystem and network references using the local LibreOffice instance using manipulated ODT documents."
        }
      ],
      "product_status": {
        "first_fixed": [
          "OXAS-OFFICE_7.10.6-rev8"
        ],
        "last_affected": [
          "OXAS-OFFICE_7.10.6-rev7"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-13T13:38:29+01:00",
          "details": "Please deploy the provided updates and patch releases. We have improved existing content filters and validators to avoid including any local resources.",
          "product_ids": [
            "OXAS-OFFICE_7.10.6-rev7"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "OXAS-OFFICE_7.10.6-rev7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Attackers could discover restricted network topology and services as well as including local files with read permissions of the open-xchange system user. This was limited to specific file-types, like images."
        },
        {
          "category": "exploit_status",
          "details": "No publicly available exploits are known."
        }
      ],
      "title": "SSRF using ODT files and \"draw\" XML fragments"
    },
    {
      "cve": "CVE-2023-26436",
      "cwe": {
        "id": "CWE-94",
        "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
      },
      "discovery_date": "2023-02-03T15:30:42+01:00",
      "ids": [
        {
          "system_name": "OX Bug",
          "text": "DOCS-4701"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Attackers with access to the \"documentconverterws\" API were able to inject serialized Java objects, that were not properly checked during deserialization. Access to this API endpoint is restricted to local networks by default."
        }
      ],
      "product_status": {
        "first_fixed": [
          "OXAS-OFFICE_7.10.6-rev8"
        ],
        "last_affected": [
          "OXAS-OFFICE_7.10.6-rev7"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-13T14:28:56+01:00",
          "details": "Please deploy the provided updates and patch releases. A check has been introduced to restrict processing of legal and expected classes for this API. We now log a warning in case there are attempts to inject illegal classes.",
          "product_ids": [
            "OXAS-OFFICE_7.10.6-rev7"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "OXAS-OFFICE_7.10.6-rev7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Arbitrary code could be injected that is being executed when processing the request."
        },
        {
          "category": "exploit_status",
          "details": "No publicly available exploits are known."
        }
      ],
      "title": "Insecure Deserialization on documentconverterws API lead to Remote Code Execution"
    }
  ]
}

fkie_cve-2023-26431

Vulnerability from fkie_nvd

Published

2023-06-20 08:15

Modified

2024-11-21 07:51

Severity ?

5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Summary

References

URL	Tags
security@open-xchange.com	http://packetstormsecurity.com/files/173083/OX-App-Suite-SSRF-Resource-Consumption-Command-Injection.html	Third Party Advisory, VDB Entry
security@open-xchange.com	http://seclists.org/fulldisclosure/2023/Jun/8	Mailing List, Third Party Advisory
security@open-xchange.com	https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0002.json
security@open-xchange.com	https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf	Release Notes
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/173083/OX-App-Suite-SSRF-Resource-Consumption-Command-Injection.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2023/Jun/8	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0002.json
af854a3a-2127-422b-91ae-364da2661108	https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf	Release Notes

Impacted products

Vendor	Product	Version
open-xchange	open-xchange_appsuite_backend	*
open-xchange	open-xchange_appsuite_backend	*
open-xchange	open-xchange_appsuite_backend	7.10.6
open-xchange	open-xchange_appsuite_backend	7.10.6

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "74EDAF14-4BF1-4E62-AA44-86090B6BEEFD",
              "versionEndExcluding": "7.10.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "73183E5C-54B0-4426-BD3B-34C19BBDECEE",
              "versionEndExcluding": "8.11.0",
              "versionStartIncluding": "8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:7.10.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D41FD049-C028-4C6D-A9D7-9DD1820B2C5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:7.10.6:revision_39:*:*:*:*:*:*",
              "matchCriteriaId": "1B382924-49BE-43BF-B012-7F8F8A90CA6C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IPv4-mapped IPv6 addresses did not get recognized as \"local\" by the code and a connection attempt is made. Attackers with access to user accounts could use this to bypass existing deny-list functionality and trigger requests to restricted network infrastructure to gain insight about topology and running services. We now respect possible IPV4-mapped IPv6 addresses when checking if contained in a deny-list. No publicly available exploits are known.\n\n"
    }
  ],
  "id": "CVE-2023-26431",
  "lastModified": "2024-11-21T07:51:25.743",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 1.4,
        "source": "security@open-xchange.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-06-20T08:15:09.297",
  "references": [
    {
      "source": "security@open-xchange.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/173083/OX-App-Suite-SSRF-Resource-Consumption-Command-Injection.html"
    },
    {
      "source": "security@open-xchange.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2023/Jun/8"
    },
    {
      "source": "security@open-xchange.com",
      "url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0002.json"
    },
    {
      "source": "security@open-xchange.com",
      "tags": [
        "Release Notes"
      ],
      "url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/173083/OX-App-Suite-SSRF-Resource-Consumption-Command-Injection.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2023/Jun/8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0002.json"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes"
      ],
      "url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf"
    }
  ],
  "sourceIdentifier": "security@open-xchange.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-918"
        }
      ],
      "source": "security@open-xchange.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-918"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2023-26431

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Aliases

CVE-2023-26431

Aliases

CVE-2023-26431

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-26431",
    "id": "GSD-2023-26431"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-26431"
      ],
      "details": "IPv4-mapped IPv6 addresses did not get recognized as \"local\" by the code and a connection attempt is made. Attackers with access to user accounts could use this to bypass existing deny-list functionality and trigger requests to restricted network infrastructure to gain insight about topology and running services. We now respect possible IPV4-mapped IPv6 addresses when checking if contained in a deny-list. No publicly available exploits are known.\n\n",
      "id": "GSD-2023-26431",
      "modified": "2023-12-13T01:20:53.605941Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@open-xchange.com",
        "ID": "CVE-2023-26431",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "OX App Suite",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c=",
                          "version_name": "0",
                          "version_value": "7.10.6-rev39"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "OX Software GmbH"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "IPv4-mapped IPv6 addresses did not get recognized as \"local\" by the code and a connection attempt is made. Attackers with access to user accounts could use this to bypass existing deny-list functionality and trigger requests to restricted network infrastructure to gain insight about topology and running services. We now respect possible IPV4-mapped IPv6 addresses when checking if contained in a deny-list. No publicly available exploits are known.\n\n"
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.1.0-dev"
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-918",
                "lang": "eng",
                "value": "CWE-918 Server-Side Request Forgery (SSRF)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf",
            "refsource": "MISC",
            "url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf"
          },
          {
            "name": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0002.json",
            "refsource": "MISC",
            "url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0002.json"
          },
          {
            "name": "http://seclists.org/fulldisclosure/2023/Jun/8",
            "refsource": "MISC",
            "url": "http://seclists.org/fulldisclosure/2023/Jun/8"
          },
          {
            "name": "http://packetstormsecurity.com/files/173083/OX-App-Suite-SSRF-Resource-Consumption-Command-Injection.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/173083/OX-App-Suite-SSRF-Resource-Consumption-Command-Injection.html"
          }
        ]
      },
      "source": {
        "defect": [
          "MWB-2038"
        ],
        "discovery": "EXTERNAL"
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "74EDAF14-4BF1-4E62-AA44-86090B6BEEFD",
                    "versionEndExcluding": "7.10.6",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "73183E5C-54B0-4426-BD3B-34C19BBDECEE",
                    "versionEndExcluding": "8.11.0",
                    "versionStartIncluding": "8.0.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:7.10.6:*:*:*:*:*:*:*",
                    "matchCriteriaId": "D41FD049-C028-4C6D-A9D7-9DD1820B2C5F",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:7.10.6:revision_39:*:*:*:*:*:*",
                    "matchCriteriaId": "1B382924-49BE-43BF-B012-7F8F8A90CA6C",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "IPv4-mapped IPv6 addresses did not get recognized as \"local\" by the code and a connection attempt is made. Attackers with access to user accounts could use this to bypass existing deny-list functionality and trigger requests to restricted network infrastructure to gain insight about topology and running services. We now respect possible IPV4-mapped IPv6 addresses when checking if contained in a deny-list. No publicly available exploits are known.\n\n"
          }
        ],
        "id": "CVE-2023-26431",
        "lastModified": "2024-01-12T08:15:40.353",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "exploitabilityScore": 2.8,
              "impactScore": 1.4,
              "source": "nvd@nist.gov",
              "type": "Primary"
            },
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
                "version": "3.1"
              },
              "exploitabilityScore": 3.1,
              "impactScore": 1.4,
              "source": "security@open-xchange.com",
              "type": "Secondary"
            }
          ]
        },
        "published": "2023-06-20T08:15:09.297",
        "references": [
          {
            "source": "security@open-xchange.com",
            "tags": [
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://packetstormsecurity.com/files/173083/OX-App-Suite-SSRF-Resource-Consumption-Command-Injection.html"
          },
          {
            "source": "security@open-xchange.com",
            "tags": [
              "Mailing List",
              "Third Party Advisory"
            ],
            "url": "http://seclists.org/fulldisclosure/2023/Jun/8"
          },
          {
            "source": "security@open-xchange.com",
            "url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0002.json"
          },
          {
            "source": "security@open-xchange.com",
            "tags": [
              "Release Notes"
            ],
            "url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf"
          }
        ],
        "sourceIdentifier": "security@open-xchange.com",
        "vulnStatus": "Modified",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-918"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          },
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-918"
              }
            ],
            "source": "security@open-xchange.com",
            "type": "Secondary"
          }
        ]
      }
    }
  }
}

ghsa-fqgf-87c4-qvqm

Vulnerability from github

Published

2023-06-20 09:30

Modified

2024-01-12 09:30

Severity ?

5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-26431"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-06-20T08:15:09Z",
    "severity": "MODERATE"
  },
  "details": "IPv4-mapped IPv6 addresses did not get recognized as \"local\" by the code and a connection attempt is made. Attackers with access to user accounts could use this to bypass existing deny-list functionality and trigger requests to restricted network infrastructure to gain insight about topology and running services. We now respect possible IPV4-mapped IPv6 addresses when checking if contained in a deny-list. No publicly available exploits are known.\n\n",
  "id": "GHSA-fqgf-87c4-qvqm",
  "modified": "2024-01-12T09:30:25Z",
  "published": "2023-06-20T09:30:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26431"
    },
    {
      "type": "WEB",
      "url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0002.json"
    },
    {
      "type": "WEB",
      "url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json"
    },
    {
      "type": "WEB",
      "url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/173083/OX-App-Suite-SSRF-Resource-Consumption-Command-Injection.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2023/Jun/8"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2023-26431 (GCVE-0-2023-26431)

Vulnerability from cvelistv5

OXAS-ADV-2023-0002

Vulnerability from csaf_ox

oxas-adv-2023-0002

Vulnerability from csaf_ox

fkie_cve-2023-26431

Vulnerability from fkie_nvd

gsd-2023-26431

Vulnerability from gsd

ghsa-fqgf-87c4-qvqm

Vulnerability from github

Tags

Sightings

Nomenclature