CVE-2023-26456 - OpenCVE

Users were able to set an arbitrary "product name" for OX Guard. The chosen value was not sufficiently sanitized before processing it at the user interface, allowing for indirect cross-site scripting attacks. Accounts that were temporarily taken over could be configured to trigger persistent code execution, allowing an attacker to build a foothold. Sanitization is in place for product names now. No publicly available exploits are known.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Open-xchange	Ox Guard

Configuration 1 [-]

OR	cpe:2.3:a:open-xchange:ox_guard::::::::
	cpe:2.3:a:open-xchange:ox_guard:2.10.7:-::::::
	cpe:2.3:a:open-xchange:ox_guard:2.10.7:rev4::::::
	cpe:2.3:a:open-xchange:ox_guard:2.10.7:rev5::::::
	cpe:2.3:a:open-xchange:ox_guard:2.10.7:rev6::::::

No data.

References

Link	Providers
https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0004.json
https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6243_7.10.6_2023-08-01.pdf

History

No history.

MITRE

Status: PUBLISHED

Assigner: OX

Published: 2023-11-02T13:01:24.351Z

Updated: 2024-08-02T11:53:52.697Z

Reserved: 2023-02-22T20:42:56.092Z

Link: CVE-2023-26456

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-11-02T14:15:10.940

Modified: 2024-01-12T08:15:42.977

Link: CVE-2023-26456

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-26456", "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981", "state": "PUBLISHED", "assignerShortName": "OX", "dateReserved": "2023-02-22T20:42:56.092Z", "datePublished": "2023-11-02T13:01:24.351Z", "dateUpdated": "2024-08-02T11:53:52.697Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["guard"], "product": "OX App Suite", "vendor": "OX Software GmbH", "versions": [{"lessThanOrEqual": "2.10.7-rev6", "status": "affected", "version": "0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Users were able to set an arbitrary "product name" for OX Guard. The chosen value was not sufficiently sanitized before processing it at the user interface, allowing for indirect cross-site scripting attacks. Accounts that were temporarily taken over could be configured to trigger persistent code execution, allowing an attacker to build a foothold. Sanitization is in place for product names now. No publicly available exploits are known.</p>"}], "value": "Users were able to set an arbitrary \"product name\" for OX Guard. The chosen value was not sufficiently sanitized before processing it at the user interface, allowing for indirect cross-site scripting attacks. Accounts that were temporarily taken over could be configured to trigger persistent code execution, allowing an attacker to build a foothold. Sanitization is in place for product names now. No publicly available exploits are known.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981", "shortName": "OX", "dateUpdated": "2024-01-12T07:09:35.360Z"}, "references": [{"tags": ["release-notes"], "url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6243_7.10.6_2023-08-01.pdf"}, {"tags": ["vendor-advisory"], "url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0004.json"}], "source": {"defect": ["GUARD-440"], "discovery": "INTERNAL"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T11:53:52.697Z"}, "title": "CVE Program Container", "references": [{"tags": ["release-notes", "x_transferred"], "url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6243_7.10.6_2023-08-01.pdf"}, {"tags": ["vendor-advisory", "x_transferred"], "url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0004.json"}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:open-xchange:ox_guard:*:*:*:*:*:*:*:*", "matchCriteriaId": "F6664DDB-A2AF-4052-B94F-007AA6C39F24", "versionEndExcluding": "2.10.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_guard:2.10.7:-:*:*:*:*:*:*", "matchCriteriaId": "5C7C4678-E325-45CE-BE47-E30E1536642C", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_guard:2.10.7:rev4:*:*:*:*:*:*", "matchCriteriaId": "0443570E-ABA7-4F23-9B5C-B6FD78D7A318", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_guard:2.10.7:rev5:*:*:*:*:*:*", "matchCriteriaId": "83773F6B-A937-4194-B194-DA1FDADC7CFB", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_guard:2.10.7:rev6:*:*:*:*:*:*", "matchCriteriaId": "B5A11B45-E1B5-4C50-B7D0-8BF965103866", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Users were able to set an arbitrary \"product name\" for OX Guard. The chosen value was not sufficiently sanitized before processing it at the user interface, allowing for indirect cross-site scripting attacks. Accounts that were temporarily taken over could be configured to trigger persistent code execution, allowing an attacker to build a foothold. Sanitization is in place for product names now. No publicly available exploits are known.\n\n"}, {"lang": "es", "value": "Los usuarios pudieron establecer un \"nombre de producto\" arbitrario para OX Guard. El valor elegido no se sanitizo lo suficiente antes de procesarlo en la interfaz de usuario, lo que permiti\u00f3 ataques indirectos de Cross Site Scripting. Las cuentas que fueron tomadas temporalmente podr\u00edan configurarse para desencadenar la ejecuci\u00f3n de c\u00f3digo persistente, lo que permitir\u00eda a un atacante establecerse. La sanitizaci\u00f3n ya est\u00e1 implementada para los nombres de los productos. No se conocen exploits disponibles p\u00fablicamente."}], "id": "CVE-2023-26456", "lastModified": "2024-01-12T08:15:42.977", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "security@open-xchange.com", "type": "Secondary"}]}, "published": "2023-11-02T14:15:10.940", "references": [{"source": "security@open-xchange.com", "url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0004.json"}, {"source": "security@open-xchange.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6243_7.10.6_2023-08-01.pdf"}], "sourceIdentifier": "security@open-xchange.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "security@open-xchange.com", "type": "Secondary"}]}