CVE-2023-41707

EPSS 0.23%
Veröffentlicht 12.02.2024 09:15:11
Zuletzt bearbeitet 21.11.2024 08:21:30
Quelle security@open-xchange.com
Teams Watchlist Login
Unerledigt Login

Processing of user-defined mail search expressions is not limited. Availability of OX App Suite could be reduced due to high processing load. Please deploy the provided updates and patch releases. Processing time of mail search expressions now gets monitored, and the related request is terminated if a resource threshold is reached.
 No publicly available exploits are known.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Open-xchange ≫ Open-xchange Appsuite Version < 7.6.3

Open-xchange ≫ Open-xchange Appsuite Version > 7.6.3 < 7.10.6

Open-xchange ≫ Open-xchange Appsuite Version > 7.10.6 < 8.20

Open-xchange ≫ Open-xchange Appsuite Version7.6.3 Update-

Open-xchange ≫ Open-xchange Appsuite Version7.6.3 Updatepatch_release_3464

Open-xchange ≫ Open-xchange Appsuite Version7.6.3 Updatepatch_release_3519

Open-xchange ≫ Open-xchange Appsuite Version7.6.3 Updatepatch_release_3569

Open-xchange ≫ Open-xchange Appsuite Version7.6.3 Updatepatch_release_3627

Open-xchange ≫ Open-xchange Appsuite Version7.6.3 Updatepatch_release_3728

Open-xchange ≫ Open-xchange Appsuite Version7.6.3 Updatepatch_release_3875

Open-xchange ≫ Open-xchange Appsuite Version7.6.3 Updatepatch_release_3922

Open-xchange ≫ Open-xchange Appsuite Version7.6.3 Updatepatch_release_3949

Open-xchange ≫ Open-xchange Appsuite Version7.6.3 Updatepatch_release_3991

Open-xchange ≫ Open-xchange Appsuite Version7.6.3 Updatepatch_release_4047

Open-xchange ≫ Open-xchange Appsuite Version7.6.3 Updatepatch_release_4133

Open-xchange ≫ Open-xchange Appsuite Version7.6.3 Updatepatch_release_4423

Open-xchange ≫ Open-xchange Appsuite Version7.6.3 Updatepatch_release_4470

Open-xchange ≫ Open-xchange Appsuite Version7.6.3 Updatepatch_release_4552

Open-xchange ≫ Open-xchange Appsuite Version7.6.3 Updatepatch_release_4667

Open-xchange ≫ Open-xchange Appsuite Version7.6.3 Updatepatch_release_4750

Open-xchange ≫ Open-xchange Appsuite Version7.6.3 Updatepatch_release_4789

Open-xchange ≫ Open-xchange Appsuite Version7.6.3 Updatepatch_release_4839

Open-xchange ≫ Open-xchange Appsuite Version7.6.3 Updatepatch_release_4860

Open-xchange ≫ Open-xchange Appsuite Version7.6.3 Updatepatch_release_4895

Open-xchange ≫ Open-xchange Appsuite Version7.6.3 Updatepatch_release_5104

Open-xchange ≫ Open-xchange Appsuite Version7.6.3 Updatepatch_release_5165

Open-xchange ≫ Open-xchange Appsuite Version7.6.3 Updatepatch_release_5231

Open-xchange ≫ Open-xchange Appsuite Version7.6.3 Updatepatch_release_5537

Open-xchange ≫ Open-xchange Appsuite Version7.6.3 Updatepatch_release_5637

Open-xchange ≫ Open-xchange Appsuite Version7.6.3 Updatepatch_release_5910

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Update-

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6069

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6073

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6080

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6085

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6093

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6102

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6112

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6121

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6133

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6138

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6141

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6146

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6147

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6148

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6150

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6156

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6161

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6166

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6173

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6176

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6178

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6189

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6194

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6199

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6204

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6205

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6209

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6210

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6214

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6215

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6216

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6218

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6219

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6220

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6227

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6230

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6233

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6235

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6236

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6239

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6241

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6243

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6245

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6248

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6249

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6250

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6251

Open-xchange ≫ Open-xchange Appsuite Version7.10.6 Updatepatch_release_6255

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.23%	0.454

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
security@open-xchange.com	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0007.json

Vendor Advisory

https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6259_7.10.6_2023-12-11.pdf

Release Notes

https://nvd.nist.gov/vuln/detail/CVE-2023-41707

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-41707

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-41707

EUVD