CVE-2023-26435 — Server-Side Request Forgery in Appsuite Backend

CWE-918 — Server-Side Request Forgery3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

0.2%

top 60.76%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Open-xchange Appsuite Backend OX Software Gmbh OX APP Suite

Timeline

PublishedJun 20

Description

It was possible to call filesystem and network references using the local LibreOffice instance using manipulated ODT documents. Attackers could discover restricted network topology and services as well as including local files with read permissions of the open-xchange system user. This was limited to specific file-types, like images. We have improved existing content filters and validators to avoid including any local resources. No publicly available exploits are known.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:NExploitability: 3.1 | Impact: 1.4

Affected Packages2 packages

▶NVDopen-xchange/open-xchange_appsuite_backend< 7.10.6+1

▶CVEListV5ox_software_gmbh/ox_app_suite7.10.6-rev7

🔴Vulnerability Details

GHSA

GHSA-qg93-cpf3-386g: It was possible to call filesystem and network references using the local LibreOffice instance using manipulated ODT documents↗2023-06-20

▶

CVEList

CVE-2023-26435: It was possible to call filesystem and network references using the local LibreOffice instance using manipulated ODT documents↗2023-06-20

▶