OXAS-ADV-2023-0006
Vulnerability from csaf_ox
Published
2023-09-25 00:00
Modified
2024-01-22 00:00
Summary
OX App Suite Security Advisory OXAS-ADV-2023-0006
{ document: { aggregate_severity: { text: "HIGH", }, category: "csaf_security_advisory", csaf_version: "2.0", lang: "en-US", publisher: { category: "vendor", name: "Open-Xchange GmbH", namespace: "https://open-xchange.com/", }, references: [ { category: "external", summary: "Release Notes", url: "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6251_7.10.6_2023-09-25.pdf", }, { category: "self", summary: "Canonical CSAF document", url: "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0006.json", }, { category: "self", summary: "Markdown representation", url: "https://documentation.open-xchange.com/appsuite/security/advisories/md/2023/oxas-adv-2023-0006.md", }, { category: "self", summary: "HTML representation", url: "https://documentation.open-xchange.com/appsuite/security/advisories/html/2023/oxas-adv-2023-0006.html", }, { category: "self", summary: "Plain-text representation", url: "https://documentation.open-xchange.com/appsuite/security/advisories/txt/2023/oxas-adv-2023-0006.txt", }, ], title: "OX App Suite Security Advisory OXAS-ADV-2023-0006", tracking: { current_release_date: "2024-01-22T00:00:00+00:00", generator: { date: "2024-01-22T15:39:58+00:00", engine: { name: "OX CSAF", version: "1.0.0", }, }, id: "OXAS-ADV-2023-0006", initial_release_date: "2023-09-25T00:00:00+02:00", revision_history: [ { date: "2023-09-25T00:00:00+02:00", number: "1", summary: "Initial release", }, { date: "2024-01-22T00:00:00+00:00", number: "2", summary: "Public release", }, { date: "2024-01-22T00:00:00+00:00", number: "3", summary: "Public release", }, { date: "2024-01-22T00:00:00+00:00", number: "4", summary: "Public release", }, { date: "2024-01-22T00:00:00+00:00", number: "5", summary: "Public release", }, { date: "2024-01-22T00:00:00+00:00", number: "6", summary: "Public release", }, { date: "2024-01-22T00:00:00+00:00", number: "7", summary: "Public release", }, ], status: "final", version: 
"7", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "7.10.6-rev51", product: { name: "OX App Suite backend 7.10.6-rev51", product_id: "OXAS-BACKEND_7.10.6-rev51", product_identification_helper: { cpe: "cpe:2.3:a:open-xchange:app_suite:7.10.6:rev51:*:*:*:*:*:*", }, }, }, { category: "product_version", name: "8.17", product: { name: "OX App Suite backend 8.17", product_id: "OXAS-BACKEND_8.17", product_identification_helper: { cpe: "cpe:2.3:a:open-xchange:app_suite:8.17:*:*:*:*:*:*:*", }, }, }, { category: "product_version", name: "7.10.6-rev52", product: { name: "OX App Suite backend 7.10.6-rev52", product_id: "OXAS-BACKEND_7.10.6-rev52", product_identification_helper: { cpe: "cpe:2.3:a:open-xchange:app_suite:7.10.6:rev52:*:*:*:*:*:*", x_generic_uris: [ { namespace: "https://documentation.open-xchange.com/appsuite/security/advisories/#urn-parsing", uri: "urn:open-xchange:app_suite:patch-id:6251", }, ], }, }, }, { category: "product_version", name: "8.18", product: { name: "OX App Suite backend 8.18", product_id: "OXAS-BACKEND_8.18", product_identification_helper: { cpe: "cpe:2.3:a:open-xchange:app_suite:8.18:*:*:*:*:*:*:*", }, }, }, ], category: "product_name", name: "OX App Suite backend", }, { branches: [ { category: "product_version", name: "7.10.6-rev34", product: { name: "OX App Suite frontend 7.10.6-rev34", product_id: "OXAS-FRONTEND_7.10.6-rev34", product_identification_helper: { cpe: "cpe:2.3:a:open-xchange:app_suite:7.10.6:rev34:*:*:*:*:*:*", }, }, }, { category: "product_version", name: "7.10.6-rev35", product: { name: "OX App Suite frontend 7.10.6-rev35", product_id: "OXAS-FRONTEND_7.10.6-rev35", product_identification_helper: { cpe: "cpe:2.3:a:open-xchange:app_suite:7.10.6:rev35:*:*:*:*:*:*", x_generic_uris: [ { namespace: "https://documentation.open-xchange.com/appsuite/security/advisories/#urn-parsing", uri: "urn:open-xchange:app_suite:patch-id:6251", }, ], }, }, }, ], category: "product_name", name: 
"OX App Suite frontend", }, ], category: "vendor", name: "Open-Xchange GmbH", }, ], }, vulnerabilities: [ { cve: "CVE-2023-29051", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2023-09-21T00:08:33+02:00", ids: [ { system_name: "OX Bug", text: "MWB-2315", }, ], notes: [ { category: "description", text: "User-defined OXMF templates could be used to access a limited part of the internal OX App Suite Java API. The existing switch to disable the feature by default was not effective in this case.", }, ], product_status: { first_fixed: [ "OXAS-BACKEND_7.10.6-rev52", "OXAS-BACKEND_8.18", ], last_affected: [ "OXAS-BACKEND_7.10.6-rev51", "OXAS-BACKEND_8.17", ], }, remediations: [ { category: "vendor_fix", date: "2023-09-24T21:10:11+02:00", details: "Please deploy the provided updates and patch releases. We now make sure that the switch to disable user-generated templates by default works as intended and will remove the feature in future generations of the product.", product_ids: [ "OXAS-BACKEND_7.10.6-rev51", "OXAS-BACKEND_8.17", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "OXAS-BACKEND_7.10.6-rev51", "OXAS-BACKEND_8.17", ], }, ], threats: [ { category: "impact", details: "Unauthorized users could discover and modify application state, including objects related to other users and contexts.", }, { category: "exploit_status", details: "No publicly available exploits are known.", }, ], title: "User-defined templates can bypass access control", }, { cve: "CVE-2023-29052", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2023-09-07T15:21:55+02:00", 
ids: [ { system_name: "OX Bug", text: "OXUIB-2532", }, ], notes: [ { category: "description", text: "Users were able to define disclaimer texts for an upsell shop dialog that would contain script code that was not sanitized correctly.", }, ], product_status: { first_fixed: [ "OXAS-FRONTEND_7.10.6-rev35", ], last_affected: [ "OXAS-FRONTEND_7.10.6-rev34", ], }, remediations: [ { category: "vendor_fix", date: "2023-09-24T21:44:21+02:00", details: "Please deploy the provided updates and patch releases. We added sanitization for this content.", product_ids: [ "OXAS-FRONTEND_7.10.6-rev34", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "OXAS-FRONTEND_7.10.6-rev34", ], }, ], threats: [ { category: "impact", details: "Attackers could lure victims to user accounts with malicious script code and make them execute it in the context of a trusted domain.", }, { category: "exploit_status", details: "No publicly available exploits are known.", }, ], title: "XSS in upsell portal widget (shop disclaimer)", }, { cve: "CVE-2023-41710", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2023-09-07T15:27:19+02:00", ids: [ { system_name: "OX Bug", text: "OXUIB-2533", }, ], notes: [ { category: "description", text: "User-defined script code could be stored for an upsell-related shop URL. 
This code was not correctly sanitized when adding it to the DOM.", }, ], product_status: { first_fixed: [ "OXAS-FRONTEND_7.10.6-rev35", ], last_affected: [ "OXAS-FRONTEND_7.10.6-rev34", ], }, remediations: [ { category: "vendor_fix", date: "2023-09-24T21:44:04+02:00", details: "Please deploy the provided updates and patch releases. We added sanitization for this content.", product_ids: [ "OXAS-FRONTEND_7.10.6-rev34", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "OXAS-FRONTEND_7.10.6-rev34", ], }, ], threats: [ { category: "impact", details: "Attackers could lure victims to user accounts with malicious script code and make them execute it in the context of a trusted domain.", }, { category: "exploit_status", details: "No publicly available exploits are known.", }, ], title: "XSS in upsell portal widget (shop URL)", }, ], }
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.