CRITICAL🇬🇧 English

CVE-2020-12645

CVSS 9.8v3.1pub. 2020-08-31upd. 2024-11-21

OX App Suite 7.10.1 to 7.10.3 has improper input validation for rate limits with a crafted User-Agent header, spoofed vacation notices, and /apps/load memory consumption.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Open Xchange Appsuite

    APP
    Open-Xchange
    7.10.1 – 7.10.3
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2019-7158CRITICAL9.8ten sam produkt

OX App Suite 7.10.0 and earlier has Incorrect Access Control.

CVE-2017-13667CRITICAL9.9ten sam produkt

OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: SSRF.

CVE-2017-17060CRITICAL9.8ten sam produkt

OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Insecure Permissions.

CVE-2017-5210CRITICAL9.8ten sam produkt

Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Information Exposure.

CVE-2017-5212CRITICAL9.8ten sam produkt

Open-Xchange GmbH OX App Suite 7.8.3 is affected by: Incorrect Access Control.