Vulnerabilities > Open Xchange > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-02 | CVE-2023-26442 | Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite Office 7.8.3 In case Cacheservice was configured to use a sproxyd object-storage backend, it would follow HTTP redirects issued by that backend. | 3.2 |
| 2023-08-02 | CVE-2023-26438 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Open-Xchange Appsuite Backend 7.10.6/8.10.0 External service lookups for a number of protocols were vulnerable to a time-of-check/time-of-use (TOCTOU) weakness, involving the JDK DNS cache. | 3.1 |
| 2023-06-20 | CVE-2023-26427 | Incorrect Permission Assignment for Critical Resource vulnerability in Open-Xchange Appsuite Backend Default permissions for a properties file were too permissive. | 3.3 |
| 2019-08-20 | CVE-2019-11806 | Incorrect Permission Assignment for Critical Resource vulnerability in Open-Xchange Appsuite OX App Suite 7.10.1 and earlier has Insecure Permissions. | 3.3 |
| 2016-12-15 | CVE-2016-4027 | Information Exposure vulnerability in Open-Xchange Appsuite 7.8.1 An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev10. | 3.5 |