The open source version of Open-Xchange 0.8.2 and previous versions uses a static default username and password with a valid login shell in the initfile for the ldap-server, which allows remote malicious users to access any server where the default has not been changed.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
open-xchange open-xchange 0.8.1.6 |
||
open-xchange open-xchange |