Vulnerabilities > CVE-2022-37313 - Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite 7.10.5/7.10.6

047910
CVSS 5.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
network
low complexity
open-xchange
CWE-918
NVD
Published: 2022-12-26
Updated: 2023-01-04

Summary

OX App Suite through 7.10.6 allows SSRF because the anti-SSRF protection mechanism only checks the first DNS AA or AAAA record.

Vulnerable Configurations

Part Description Count
Application
Open-Xchange
52

Common Weakness Enumeration (CWE)

References