oxas-adv-2022-0002
Vulnerability from csaf_ox
Published
2022-11-02 00:00
Modified
2024-01-22 00:00
Summary
OX App Suite Security Advisory OXAS-ADV-2022-0002



{
  "document": {
    "aggregate_severity": {
      "text": "CRITICAL"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "lang": "en-US",
    "publisher": {
      "category": "vendor",
      "name": "Open-Xchange GmbH",
      "namespace": "https://open-xchange.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Release Notes",
        "url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6188_7.10.5_2022-11-02.pdf"
      },
      {
        "category": "external",
        "summary": "Release Notes",
        "url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6189_7.10.6_2022-11-02.pdf"
      },
      {
        "category": "self",
        "summary": "Canonical CSAF document",
        "url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2022/oxas-adv-2022-0002.json"
      },
      {
        "category": "self",
        "summary": "Markdown representation",
        "url": "https://documentation.open-xchange.com/appsuite/security/advisories/md/2022/oxas-adv-2022-0002.md"
      },
      {
        "category": "self",
        "summary": "HTML representation",
        "url": "https://documentation.open-xchange.com/appsuite/security/advisories/html/2022/oxas-adv-2022-0002.html"
      },
      {
        "category": "self",
        "summary": "Plain-text representation",
        "url": "https://documentation.open-xchange.com/appsuite/security/advisories/txt/2022/oxas-adv-2022-0002.txt"
      }
    ],
    "title": "OX App Suite Security Advisory OXAS-ADV-2022-0002",
    "tracking": {
      "current_release_date": "2024-01-22T00:00:00+00:00",
      "generator": {
        "date": "2024-01-22T13:14:08+00:00",
        "engine": {
          "name": "OX CSAF",
          "version": "1.0.0"
        }
      },
      "id": "OXAS-ADV-2022-0002",
      "initial_release_date": "2022-11-02T00:00:00+01:00",
      "revision_history": [
        {
          "date": "2022-11-02T00:00:00+01:00",
          "number": "1",
          "summary": "Initial release"
        },
        {
          "date": "2024-01-22T00:00:00+00:00",
          "number": "2",
          "summary": "Public release"
        },
        {
          "date": "2024-01-22T00:00:00+00:00",
          "number": "3",
          "summary": "Public release"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "7.10.5-rev50",
                "product": {
                  "name": "OX App Suite frontend 7.10.5-rev50",
                  "product_id": "OXAS-FRONTEND_7.10.5-rev50",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:7.10.5:rev50:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.10.6-rev19",
                "product": {
                  "name": "OX App Suite frontend 7.10.6-rev19",
                  "product_id": "OXAS-FRONTEND_7.10.6-rev19",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:7.10.6:rev19:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.4",
                "product": {
                  "name": "OX App Suite frontend 8.4",
                  "product_id": "OXAS-FRONTEND_8.4",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:8.4:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.10.5-rev51",
                "product": {
                  "name": "OX App Suite frontend 7.10.5-rev51",
                  "product_id": "OXAS-FRONTEND_7.10.5-rev51",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:7.10.5:rev51:*:*:*:*:*:*",
                    "x_generic_uris": [
                      {
                        "namespace": "https://documentation.open-xchange.com/appsuite/security/advisories/#urn-parsing",
                        "uri": "urn:open-xchange:app_suite:patch-id:6188"
                      },
                      {
                        "namespace": "https://documentation.open-xchange.com/appsuite/security/advisories/#urn-parsing",
                        "uri": "urn:open-xchange:app_suite:patch-id:6189"
                      }
                    ]
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.10.6-rev20",
                "product": {
                  "name": "OX App Suite frontend 7.10.6-rev20",
                  "product_id": "OXAS-FRONTEND_7.10.6-rev20",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:7.10.6:rev20:*:*:*:*:*:*",
                    "x_generic_uris": [
                      {
                        "namespace": "https://documentation.open-xchange.com/appsuite/security/advisories/#urn-parsing",
                        "uri": "urn:open-xchange:app_suite:patch-id:6188"
                      },
                      {
                        "namespace": "https://documentation.open-xchange.com/appsuite/security/advisories/#urn-parsing",
                        "uri": "urn:open-xchange:app_suite:patch-id:6189"
                      }
                    ]
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.5",
                "product": {
                  "name": "OX App Suite frontend 8.5",
                  "product_id": "OXAS-FRONTEND_8.5",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:8.5:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.6.3-rev50",
                "product": {
                  "name": "OX App Suite frontend 7.6.3-rev50",
                  "product_id": "OXAS-FRONTEND_7.6.3-rev50",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:7.6.3:rev50:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.6.3-rev51",
                "product": {
                  "name": "OX App Suite frontend 7.6.3-rev51",
                  "product_id": "OXAS-FRONTEND_7.6.3-rev51",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:7.6.3:rev51:*:*:*:*:*:*",
                    "x_generic_uris": [
                      {
                        "namespace": "https://documentation.open-xchange.com/appsuite/security/advisories/#urn-parsing",
                        "uri": "urn:open-xchange:app_suite:patch-id:6188"
                      },
                      {
                        "namespace": "https://documentation.open-xchange.com/appsuite/security/advisories/#urn-parsing",
                        "uri": "urn:open-xchange:app_suite:patch-id:6189"
                      }
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "OX App Suite frontend"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "7.10.5-rev50",
                "product": {
                  "name": "OX App Suite backend 7.10.5-rev50",
                  "product_id": "OXAS-BACKEND_7.10.5-rev50",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:7.10.5:rev50:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.10.6-rev29",
                "product": {
                  "name": "OX App Suite backend 7.10.6-rev29",
                  "product_id": "OXAS-BACKEND_7.10.6-rev29",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:7.10.6:rev29:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.4",
                "product": {
                  "name": "OX App Suite backend 8.4",
                  "product_id": "OXAS-BACKEND_8.4",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:8.4:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.10.5-rev51",
                "product": {
                  "name": "OX App Suite backend 7.10.5-rev51",
                  "product_id": "OXAS-BACKEND_7.10.5-rev51",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:7.10.5:rev51:*:*:*:*:*:*",
                    "x_generic_uris": [
                      {
                        "namespace": "https://documentation.open-xchange.com/appsuite/security/advisories/#urn-parsing",
                        "uri": "urn:open-xchange:app_suite:patch-id:6188"
                      },
                      {
                        "namespace": "https://documentation.open-xchange.com/appsuite/security/advisories/#urn-parsing",
                        "uri": "urn:open-xchange:app_suite:patch-id:6189"
                      }
                    ]
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.10.6-rev30",
                "product": {
                  "name": "OX App Suite backend 7.10.6-rev30",
                  "product_id": "OXAS-BACKEND_7.10.6-rev30",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:7.10.6:rev30:*:*:*:*:*:*",
                    "x_generic_uris": [
                      {
                        "namespace": "https://documentation.open-xchange.com/appsuite/security/advisories/#urn-parsing",
                        "uri": "urn:open-xchange:app_suite:patch-id:6188"
                      },
                      {
                        "namespace": "https://documentation.open-xchange.com/appsuite/security/advisories/#urn-parsing",
                        "uri": "urn:open-xchange:app_suite:patch-id:6189"
                      }
                    ]
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.5",
                "product": {
                  "name": "OX App Suite backend 8.5",
                  "product_id": "OXAS-BACKEND_8.5",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:8.5:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.6.3-rev65",
                "product": {
                  "name": "OX App Suite backend 7.6.3-rev65",
                  "product_id": "OXAS-BACKEND_7.6.3-rev65",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:7.6.3:rev65:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.6.3-rev66",
                "product": {
                  "name": "OX App Suite backend 7.6.3-rev66",
                  "product_id": "OXAS-BACKEND_7.6.3-rev66",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:7.6.3:rev66:*:*:*:*:*:*",
                    "x_generic_uris": [
                      {
                        "namespace": "https://documentation.open-xchange.com/appsuite/security/advisories/#urn-parsing",
                        "uri": "urn:open-xchange:app_suite:patch-id:6188"
                      },
                      {
                        "namespace": "https://documentation.open-xchange.com/appsuite/security/advisories/#urn-parsing",
                        "uri": "urn:open-xchange:app_suite:patch-id:6189"
                      }
                    ]
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.6",
                "product": {
                  "name": "OX App Suite backend 8.6",
                  "product_id": "OXAS-BACKEND_8.6",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:8.6:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.7",
                "product": {
                  "name": "OX App Suite backend 8.7",
                  "product_id": "OXAS-BACKEND_8.7",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:open-xchange:app_suite:8.7:*:*:*:*:*:*:*"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "OX App Suite backend"
          }
        ],
        "category": "vendor",
        "name": "Open-Xchange GmbH"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-37306",
      "cwe": {
        "id": "CWE-80",
        "name": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
      },
      "discovery_date": "2022-07-29T10:34:17+02:00",
      "ids": [
        {
          "system_name": "OX Bug",
          "text": "OXUIB-1795"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Non-alphanumeric content can be injected by the user as JS content for the \"upsell\" module. As a result, the code will be executed during subsequent logins and opening the \"Portal\" application, enabling a persistent cross-site scripting attack vector."
        }
      ],
      "product_status": {
        "first_fixed": [
          "OXAS-FRONTEND_7.10.5-rev51",
          "OXAS-FRONTEND_7.10.6-rev20",
          "OXAS-FRONTEND_8.5"
        ],
        "last_affected": [
          "OXAS-FRONTEND_7.10.5-rev50",
          "OXAS-FRONTEND_7.10.6-rev19",
          "OXAS-FRONTEND_8.4"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-10-21T16:16:36+02:00",
          "details": "Please deploy the provided updates and patch releases. We improved the allow-list sanitizing algorithm to deal with non-alphanumeric code.",
          "product_ids": [
            "OXAS-FRONTEND_7.10.5-rev50",
            "OXAS-FRONTEND_7.10.6-rev19",
            "OXAS-FRONTEND_8.4"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "OXAS-FRONTEND_7.10.5-rev50",
            "OXAS-FRONTEND_7.10.6-rev19",
            "OXAS-FRONTEND_8.4"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Malicious script code can be executed within the victim's context. This can lead to session hijacking or triggering unwanted actions via the web interface (e.g. redirecting to a third-party site). To exploit this, an attacker would require temporary access to the user's account or lure a user to a compromised account."
        },
        {
          "category": "exploit_status",
          "details": "No publicly available exploits are known."
        }
      ],
      "title": "XSS using \"upsell\" triggers"
    },
    {
      "cve": "CVE-2022-43696",
      "cwe": {
        "id": "CWE-80",
        "name": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
      },
      "discovery_date": "2022-09-26T10:30:45+02:00",
      "ids": [
        {
          "system_name": "OX Bug",
          "text": "OXUIB-1933"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "HTML content can be injected by the user as JS content for the \"upsell ads\" module. As a result, the code will be executed during subsequent logins and opening the \"Portal\" application, enabling a persistent cross-site scripting attack vector."
        }
      ],
      "product_status": {
        "first_fixed": [
          "OXAS-FRONTEND_7.10.5-rev51",
          "OXAS-FRONTEND_7.10.6-rev20",
          "OXAS-FRONTEND_7.6.3-rev51"
        ],
        "last_affected": [
          "OXAS-FRONTEND_7.10.5-rev50",
          "OXAS-FRONTEND_7.10.6-rev19",
          "OXAS-FRONTEND_7.6.3-rev50"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-10-21T16:07:30+02:00",
          "details": "Please deploy the provided updates and patch releases. We improved the sanitization process for upsell ads.",
          "product_ids": [
            "OXAS-FRONTEND_7.10.5-rev50",
            "OXAS-FRONTEND_7.10.6-rev19",
            "OXAS-FRONTEND_7.6.3-rev50"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "OXAS-FRONTEND_7.10.5-rev50",
            "OXAS-FRONTEND_7.10.6-rev19",
            "OXAS-FRONTEND_7.6.3-rev50"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Malicious script code can be executed within the victim's context. This can lead to session hijacking or triggering unwanted actions via the web interface (e.g. redirecting to a third-party site). To exploit this, an attacker would require temporary access to the user's account or lure a user to a compromised account."
        },
        {
          "category": "exploit_status",
          "details": "No publicly available exploits are known."
        }
      ],
      "title": "XSS using \"upsell ads\""
    },
    {
      "cve": "CVE-2022-43697",
      "cwe": {
        "id": "CWE-80",
        "name": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
      },
      "discovery_date": "2022-08-16T09:40:05+02:00",
      "ids": [
        {
          "system_name": "OX Bug",
          "text": "MWB-1784"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In case activity tracking adapters are enabled but not defined, users can use jslob to define their own tracking settings for an account. This allows adding arbitrary values to trigger a specific URL or load a library."
        }
      ],
      "product_status": {
        "first_fixed": [
          "OXAS-BACKEND_7.10.5-rev51",
          "OXAS-BACKEND_7.10.6-rev30",
          "OXAS-BACKEND_8.5"
        ],
        "last_affected": [
          "OXAS-BACKEND_7.10.5-rev50",
          "OXAS-BACKEND_7.10.6-rev29",
          "OXAS-BACKEND_8.4"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-10-25T17:06:19+02:00",
          "details": "Please deploy the provided updates and patch releases. We made the related jslob configuration endpoint read-only for users.",
          "product_ids": [
            "OXAS-BACKEND_7.10.5-rev50",
            "OXAS-BACKEND_7.10.6-rev29",
            "OXAS-BACKEND_8.4"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "OXAS-BACKEND_7.10.5-rev50",
            "OXAS-BACKEND_7.10.6-rev29",
            "OXAS-BACKEND_8.4"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Malicious script code can be executed within the victim's context. This can lead to session hijacking or triggering unwanted actions via the web interface (e.g. redirecting to a third-party site). To exploit this, an attacker would require temporary access to the user's account or lure a user to a compromised account."
        },
        {
          "category": "exploit_status",
          "details": "No publicly available exploits are known."
        }
      ],
      "title": "\"Tracking\" features can be used to inject arbitrary script code"
    },
    {
      "cve": "CVE-2022-43698",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "discovery_date": "2022-09-14T13:16:50+02:00",
      "ids": [
        {
          "system_name": "OX Bug",
          "text": "MWB-1823"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "When changing a valid external POP3 mail account as a user, the operation to update the account's settings did not consider deny-list values."
        }
      ],
      "product_status": {
        "first_fixed": [
          "OXAS-BACKEND_7.10.5-rev51",
          "OXAS-BACKEND_7.10.6-rev30",
          "OXAS-BACKEND_8.5"
        ],
        "last_affected": [
          "OXAS-BACKEND_7.10.5-rev50",
          "OXAS-BACKEND_7.10.6-rev29",
          "OXAS-BACKEND_8.4"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-10-24T16:10:01+02:00",
          "details": "Please deploy the provided updates and patch releases. We now check compliance with existing deny-list content when updating POP3 mail accounts.",
          "product_ids": [
            "OXAS-BACKEND_7.10.5-rev50",
            "OXAS-BACKEND_7.10.6-rev29",
            "OXAS-BACKEND_8.4"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "OXAS-BACKEND_7.10.5-rev50",
            "OXAS-BACKEND_7.10.6-rev29",
            "OXAS-BACKEND_8.4"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Server-initiated requests can be directed to internal resources that are restricted based on deny-list settings. This can be used to determine \"internal\" addresses and services, depending on measurement and content of error responses. While no data of such services can be exfiltrated, the risk is a violation of perimeter-based security policies."
        },
        {
          "category": "exploit_status",
          "details": "No publicly available exploits are known."
        }
      ],
      "title": "SSRF using POP3 account updates"
    },
    {
      "cve": "CVE-2022-43699",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "discovery_date": "2022-10-06T13:09:35+02:00",
      "ids": [
        {
          "system_name": "OX Bug",
          "text": "MWB-1862"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The external E-Mail autodiscovery feature performs connection checks based on the host part of the E-Mail address. Those checks do not take existing deny-lists into account, allowing attackers with access to the DNS records of a domain to redirect requests to illegal addresses."
        }
      ],
      "product_status": {
        "first_fixed": [
          "OXAS-BACKEND_7.10.5-rev51",
          "OXAS-BACKEND_7.10.6-rev30",
          "OXAS-BACKEND_7.6.3-rev66",
          "OXAS-BACKEND_8.6"
        ],
        "last_affected": [
          "OXAS-BACKEND_7.10.5-rev50",
          "OXAS-BACKEND_7.10.6-rev29",
          "OXAS-BACKEND_7.6.3-rev65",
          "OXAS-BACKEND_8.5"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-11-07T16:24:39+01:00",
          "details": "Please deploy the provided updates and patch releases. We check for compliance with existing deny-list content when performing mail account autodiscovery.",
          "product_ids": [
            "OXAS-BACKEND_7.10.5-rev50",
            "OXAS-BACKEND_7.10.6-rev29",
            "OXAS-BACKEND_7.6.3-rev65",
            "OXAS-BACKEND_8.5"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "OXAS-BACKEND_7.10.5-rev50",
            "OXAS-BACKEND_7.10.6-rev29",
            "OXAS-BACKEND_7.6.3-rev65",
            "OXAS-BACKEND_8.5"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Server-initiated requests can be directed to internal resources that are restricted based on deny-list settings. This can be used to determine \"internal\" addresses and services, depending on measurement and content of error responses. While no data of such services can be exfiltrated, the risk is a violation of perimeter-based security policies."
        },
        {
          "category": "exploit_status",
          "details": "No publicly available exploits are known."
        }
      ],
      "title": "Mail account discovery can be abused for SSRF"
    },
    {
      "cve": "CVE-2022-42889",
      "cwe": {
        "id": "CWE-94",
        "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
      },
      "discovery_date": "2022-10-19T13:46:58+02:00",
      "ids": [
        {
          "system_name": "OX Bug",
          "text": "MWB-1882"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A critical vulnerability at the Apache Commons Text library has been identified, which is used by OX App Suite and OX Documents. However, our products do not directly use the vulnerable StringSubstitutor class. Based on current knowledge that means our products are not vulnerable."
        }
      ],
      "product_status": {
        "first_fixed": [
          "OXAS-BACKEND_7.10.5-rev51",
          "OXAS-BACKEND_7.10.6-rev30",
          "OXAS-BACKEND_8.7"
        ],
        "last_affected": [
          "OXAS-BACKEND_7.10.5-rev50",
          "OXAS-BACKEND_7.10.6-rev29",
          "OXAS-BACKEND_8.6"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-10-21T10:32:30+02:00",
          "details": "Please deploy the provided updates and patch releases. We provided an update for this library to resolve the risk as a precaution, in case custom implementations use the vulnerable class."
          "product_ids": [
            "OXAS-BACKEND_7.10.5-rev50",
            "OXAS-BACKEND_7.10.6-rev29",
            "OXAS-BACKEND_8.6"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "OXAS-BACKEND_7.10.5-rev50",
            "OXAS-BACKEND_7.10.6-rev29",
            "OXAS-BACKEND_8.6"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Remote Code Execution, see CVE-2022-42889."
        },
        {
          "category": "exploit_status",
          "details": "No publicly available exploits are known."
        }
      ],
      "title": "Apache Commons Text (CVE-2022-42889)"
    }
  ]
}

