CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
29.6%
OX App Suite before backend 7.10.6-rev37 has an information leak in the handling of distribution lists, e.g., partial disclosure of the private contacts of another user.
Vendor | Product | Version | CPE |
---|---|---|---|
open-xchange | ox_app_suite | * | cpe:2.3:a:open-xchange:ox_app_suite:*:*:*:*:*:*:*:* |
open-xchange | ox_app_suite | 7.10.6 | cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:-:*:*:*:*:*:* |
open-xchange | ox_app_suite | 7.10.6 | cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev01:*:*:*:*:*:* |
open-xchange | ox_app_suite | 7.10.6 | cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev02:*:*:*:*:*:* |
open-xchange | ox_app_suite | 7.10.6 | cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev03:*:*:*:*:*:* |
open-xchange | ox_app_suite | 7.10.6 | cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev04:*:*:*:*:*:* |
open-xchange | ox_app_suite | 7.10.6 | cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev05:*:*:*:*:*:* |
open-xchange | ox_app_suite | 7.10.6 | cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev06:*:*:*:*:*:* |
open-xchange | ox_app_suite | 7.10.6 | cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev07:*:*:*:*:*:* |
open-xchange | ox_app_suite | 7.10.6 | cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev08:*:*:*:*:*:* |