Known Vulnerabilities for Open-xchange Appsuite by Open-xchange
Listed below are 10 of the newest known vulnerabilities associated with "Open-xchange Appsuite" by "Open-xchange".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-29047 | Imageconverter API endpoints provided methods that were not sufficiently validating and sanitizing client input, allowing to ... | 7.3 - HIGH | 2023-11-02 | 2024-01-12 |
| CVE-2023-29046 | Connections to external data sources, like e-mail autoconfiguration, were not terminated in case they hit a timeout, instead ... | 4.3 - MEDIUM | 2023-11-02 | 2024-01-12 |
| CVE-2023-29045 | Documents operations, in this case "drawing", could be manipulated to contain invalid data types, possibly script code. Scrip... | 5.4 - MEDIUM | 2023-11-02 | 2024-01-12 |
| CVE-2023-29044 | Documents operations could be manipulated to contain invalid data types, possibly script code. Script code could be injected ... | 5.4 - MEDIUM | 2023-11-02 | 2024-01-12 |
| CVE-2023-29043 | Presentations may contain references to images, which are user-controlled, and could include malicious script code that is be... | 6.1 - MEDIUM | 2023-11-02 | 2024-01-12 |
| CVE-2023-26455 | RMI was not requiring authentication when calling ChronosRMIService:setEventOrganizer. Attackers with local or adjacent netwo... | 7.8 - HIGH | 2023-11-02 | 2024-01-12 |
| CVE-2023-26454 | Requests to fetch image metadata could be abused to include SQL queries that would be executed unchecked. Exploiting this vul... | 8.8 - HIGH | 2023-11-02 | 2024-01-12 |
| CVE-2023-26453 | Requests to cache an image could be abused to include SQL queries that would be executed unchecked. Exploiting this vulnerabi... | 8.8 - HIGH | 2023-11-02 | 2024-01-12 |
| CVE-2023-26452 | Requests to cache an image and return its metadata could be abused to include SQL queries that would be executed unchecked. E... | 8.8 - HIGH | 2023-11-02 | 2024-01-12 |
| CVE-2022-37313 | OX App Suite through 7.10.6 allows SSRF because the anti-SSRF protection mechanism only checks the first DNS AA or AAAA recor... | 5.3 - MEDIUM | 2022-12-26 | 2023-01-04 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 |