Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.3
CVSSv3

CVE-2022-37313

Published: 26/12/2022 Updated: 04/01/2023
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Open-xchange Appsuite

Vulnerability Summary

OX App Suite up to and including 7.10.6 allows SSRF because the anti-SSRF protection mechanism only checks the first DNS AA or AAAA record.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

open-xchange open-xchange appsuite

open-xchange open-xchange appsuite 7.10.5

open-xchange open-xchange appsuite 7.10.6

Exploits

Exploit DB: OX App Suite 7.10.6 Cross Site Scripting / SSRF / Resource Consumption
OX App Suite versions 7106 and below suffer from cross site scripting, server-side request forgery, and resource exhaustion vulnerabilities ...

References

CWE-918https://seclists.org/fulldisclosure/2022/Nov/18https://open-xchange.comhttps://nvd.nist.govhttps://packetstormsecurity.com/files/170064/OX-App-Suite-7.10.6-Cross-Site-Scripting-SSRF-Resource-Consumption.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook