cbcvebase.
CVE-2023-41706
published 2024-02-12

CVE-2023-41706: Processing time of drive search expressions now gets monitored, and the related request is terminated if a resource threshold is reached. Availability of OX…

PriorityP433medium6.5CVSS 3.1
AVNACLPRLUINSUCNINAH
EPSS
0.78%
51.5th percentile
Processing time of drive search expressions now gets monitored, and the related request is terminated if a resource threshold is reached. Availability of OX App Suite could be reduced due to high processing load. Please deploy the provided updates and patch releases. Processing of user-defined drive search expressions is not limited No publicly available exploits are known.

Affected

6 ranges
VendorProductVersion rangeFixed in
open-xchangeopen-xchange_appsuite< 7.6.37.6.3
open-xchangeopen-xchange_appsuite< 7.10.67.10.6
open-xchangeopen-xchange_appsuite< 8.208.20
open-xchangeopen-xchange_appsuite
open-xchangeopen-xchange_appsuite
open-xchange_gmbhox_app_suite<= 7.10.6-rev55
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.