CVE-2023-41706
published 2024-02-12CVE-2023-41706: Processing time of drive search expressions now gets monitored, and the related request is terminated if a resource threshold is reached. Availability of OX…
PriorityP433medium6.5CVSS 3.1
AVNACLPRLUINSUCNINAH
EPSS
0.78%
51.5th percentile
Processing time of drive search expressions now gets monitored, and the related request is terminated if a resource threshold is reached. Availability of OX App Suite could be reduced due to high processing load. Please deploy the provided updates and patch releases. Processing of user-defined drive search expressions is not limited No publicly available exploits are known.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| open-xchange | open-xchange_appsuite | < 7.6.3 | 7.6.3 |
| open-xchange | open-xchange_appsuite | < 7.10.6 | 7.10.6 |
| open-xchange | open-xchange_appsuite | < 8.20 | 8.20 |
| open-xchange | open-xchange_appsuite | — | — |
| open-xchange | open-xchange_appsuite | — | — |
| open-xchange_gmbh | ox_app_suite | <= 7.10.6-rev55 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0007.jsonhttps://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6259_7.10.6_2023-12-11.pdfhttp://seclists.org/fulldisclosure/2024/Feb/10https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0007.jsonhttps://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6259_7.10.6_2023-12-11.pdf
2024-02-12
Published