OX App Suite 7.8.4 and earlier allows Server-Side Request Forgery.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2019/Jan/10 | Exploit Mailing List Third Party Advisory |
http://software.open-xchange.com/OX6/doc/Release_Notes_for_Patch_Release_4791_7.8.4_2018-06-25.pdf | Patch Vendor Advisory |
https://software.open-xchange.com/OX6/doc/Release_Notes_for_Patch_Release_4790_7.8.3_2018-06-25.pdf | Patch Vendor Advisory |
https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_4789_7.6.3_2018-06-25.pdf | Patch Vendor Advisory |
http://seclists.org/fulldisclosure/2019/Jan/10 | Exploit Mailing List Third Party Advisory |
http://software.open-xchange.com/OX6/doc/Release_Notes_for_Patch_Release_4791_7.8.4_2018-06-25.pdf | Patch Vendor Advisory |
https://software.open-xchange.com/OX6/doc/Release_Notes_for_Patch_Release_4790_7.8.3_2018-06-25.pdf | Patch Vendor Advisory |
https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_4789_7.6.3_2018-06-25.pdf | Patch Vendor Advisory |
Configurations
History
21 Nov 2024, 03:45
Type | Values Removed | Values Added |
---|---|---|
References | () http://seclists.org/fulldisclosure/2019/Jan/10 - Exploit, Mailing List, Third Party Advisory | |
References | () http://software.open-xchange.com/OX6/doc/Release_Notes_for_Patch_Release_4791_7.8.4_2018-06-25.pdf - Patch, Vendor Advisory | |
References | () https://software.open-xchange.com/OX6/doc/Release_Notes_for_Patch_Release_4790_7.8.3_2018-06-25.pdf - Patch, Vendor Advisory | |
References | () https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_4789_7.6.3_2018-06-25.pdf - Patch, Vendor Advisory |
Information
Published : 2019-01-30 15:29
Updated : 2024-11-21 03:45
NVD link : CVE-2018-12609
Mitre link : CVE-2018-12609
CVE.ORG link : CVE-2018-12609
JSON object : View
Products Affected
open-xchange
- open-xchange_appsuite
CWE
CWE-918
Server-Side Request Forgery (SSRF)