Known Vulnerabilities for Open-xchange Appsuite by Open-xchange
Listed below are 10 of the newest known vulnerabilities associated with "Open-xchange Appsuite" by "Open-xchange".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-29047 json | Imageconverter API endpoints provided methods that were not sufficiently validating and sanitizing client input, allowing to ... | 7.3 - HIGH | 2023-11-02 | 2024-01-12 |
| CVE-2023-29046 json | Connections to external data sources, like e-mail autoconfiguration, were not terminated in case they hit a timeout, instead ... | 4.3 - MEDIUM | 2023-11-02 | 2024-01-12 |
| CVE-2023-29045 json | Documents operations, in this case "drawing", could be manipulated to contain invalid data types, possibly script code. Scrip... | 5.4 - MEDIUM | 2023-11-02 | 2024-01-12 |
| CVE-2023-29044 json | Documents operations could be manipulated to contain invalid data types, possibly script code. Script code could be injected ... | 5.4 - MEDIUM | 2023-11-02 | 2024-01-12 |
| CVE-2023-29043 json | Presentations may contain references to images, which are user-controlled, and could include malicious script code that is be... | 6.1 - MEDIUM | 2023-11-02 | 2024-01-12 |
| CVE-2023-26455 json | RMI was not requiring authentication when calling ChronosRMIService:setEventOrganizer. Attackers with local or adjacent netwo... | 7.8 - HIGH | 2023-11-02 | 2024-01-12 |
| CVE-2023-26454 json | Requests to fetch image metadata could be abused to include SQL queries that would be executed unchecked. Exploiting this vul... | 8.8 - HIGH | 2023-11-02 | 2024-01-12 |
| CVE-2023-26453 json | Requests to cache an image could be abused to include SQL queries that would be executed unchecked. Exploiting this vulnerabi... | 8.8 - HIGH | 2023-11-02 | 2024-01-12 |
| CVE-2023-26452 json | Requests to cache an image and return its metadata could be abused to include SQL queries that would be executed unchecked. E... | 8.8 - HIGH | 2023-11-02 | 2024-01-12 |
| CVE-2022-37313 json | OX App Suite through 7.10.6 allows SSRF because the anti-SSRF protection mechanism only checks the first DNS AA or AAAA recor... | 5.3 - MEDIUM | 2022-12-26 | 2023-01-04 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 | |||
| Application | Open-xchange | Open-xchange Appsuite | 7.8.4 |