CVE-2023-41706 — Uncontrolled Resource Consumption in Gmbh OX APP Suite

CWE-400 — Uncontrolled Resource Consumption3 documents3 sources

Severity

6.5MEDIUMNVD

EPSS

0.2%

top 55.62%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Open-xchange Appsuite Open-xchange Gmbh OX APP Suite

Timeline

PublishedFeb 12

Description

Processing time of drive search expressions now gets monitored, and the related request is terminated if a resource threshold is reached. Availability of OX App Suite could be reduced due to high processing load. Please deploy the provided updates and patch releases. Processing of user-defined drive search expressions is not limited No publicly available exploits are known.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶NVDopen-xchange/open-xchange_appsuite< 7.6.3+4

▶CVEListV5open-xchange_gmbh/ox_app_suite7.10.6-rev55+2

🔴Vulnerability Details

GHSA

GHSA-vw7m-6wwg-32mq: Processing time of drive search expressions now gets monitored, and the related request is terminated if a resource threshold is reached↗2024-02-12

▶

CVEList

CVE-2023-41706: Processing time of drive search expressions now gets monitored, and the related request is terminated if a resource threshold is reached↗2024-02-12

▶