Vulnerabilities > CVE-2023-24605 - Missing Authorization vulnerability in Open-Xchange OX APP Suite 7.10.5/7.10.6
Attack vector
NETWORK Attack complexity
HIGH Privileges required
LOW Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
OX App Suite before backend 7.10.6-rev37 does not enforce 2FA for all endpoints, e.g., reading from a drive, reading contact data, and renaming tokens.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 41 |