CVE-2023-26432

🗓️ 20 Jun 2023 07:51:47Reported by OXType

CVE-2023-26432: SMTP capabilities response processing allows excessive resource usag

Reporter	Title	Published	Views	Family All 8
CNNVD	Open-Xchange OX App Suite 安全漏洞	20 Jun 202300:00	–	cnnvd
Cvelist	CVE-2023-26432	20 Jun 202307:51	–	cvelist
EUVD	EUVD-2023-30252	3 Oct 202520:07	–	euvd
NVD	CVE-2023-26432	20 Jun 202308:15	–	nvd
Prion	Code injection	20 Jun 202308:15	–	prion
Positive Technologies	PT-2023-20629 · Ox Software Gmbh +1 · Ox App Suite +1	20 Jun 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-26432	23 May 202503:28	–	redhatcve
Vulnrichment	CVE-2023-26432	20 Jun 202307:51	–	vulnrichment

NVD

Node

open-xchange open-xchange_appsuite_backendRange<7.10.6

open-xchange open-xchange_appsuite_backendRange8.0.0–8.11.0

open-xchange open-xchange_appsuite_backendMatch7.10.6

open-xchange open-xchange_appsuite_backendMatch7.10.6revision_39

[
  {
    "defaultStatus": "unaffected",
    "modules": [
      "backend"
    ],
    "product": "OX App Suite",
    "vendor": "OX Software GmbH",
    "versions": [
      {
        "lessThanOrEqual": "7.10.6-rev39",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "8.10",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
software	www.software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf
seclists	www.seclists.org/fulldisclosure/2023/Jun/8
packetstormsecurity	www.packetstormsecurity.com/files/173083/OX-App-Suite-SSRF-Resource-Consumption-Command-Injection.html
documentation	www.documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0002.json

21 Nov 2024 07:51Current

4.6Medium risk

Vulners AI Score4.6

CVSS 3.14.3

EPSS0.0013

SSVC

CWE-400