{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-29048", "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981", "state": "PUBLISHED", "assignerShortName": "OX", "dateReserved": "2023-03-30T09:34:25.189Z", "datePublished": "2024-01-08T08:51:31.461Z", "dateUpdated": "2024-08-02T14:00:14.594Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["backend"], "product": "OX App Suite", "vendor": "Open-Xchange GmbH", "versions": [{"lessThanOrEqual": "7.10.6-rev50", "status": "affected", "version": "0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>A component for parsing OXMF templates could be abused to execute arbitrary system commands that would be executed as the non-privileged runtime user. Users and attackers could run system commands with limited privilege to gain unauthorized access to confidential information and potentially violate integrity by modifying resources. The template engine has been reconfigured to deny execution of harmful commands on a system level. No publicly available exploits are known.</p>"}], "value": "A component for parsing OXMF templates could be abused to execute arbitrary system commands that would be executed as the non-privileged runtime user. Users and attackers could run system commands with limited privilege to gain unauthorized access to confidential information and potentially violate integrity by modifying resources. The template engine has been reconfigured to deny execution of harmful commands on a system level. No publicly available exploits are known.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981", "shortName": "OX", "dateUpdated": "2024-01-12T07:06:36.093Z"}, "references": [{"tags": ["release-notes"], "url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6248_7.10.6_2023-09-19.pdf"}, {"tags": ["vendor-advisory"], "url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0005.json"}, {"url": "http://seclists.org/fulldisclosure/2024/Jan/3"}, {"url": "http://packetstormsecurity.com/files/176421/OX-App-Suite-7.10.6-XSS-Command-Execution-LDAP-Injection.html"}], "source": {"defect": ["MWB-2261"], "discovery": "INTERNAL"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T14:00:14.594Z"}, "title": "CVE Program Container", "references": [{"tags": ["release-notes", "x_transferred"], "url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6248_7.10.6_2023-09-19.pdf"}, {"tags": ["vendor-advisory", "x_transferred"], "url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0005.json"}, {"url": "http://seclists.org/fulldisclosure/2024/Jan/3", "tags": ["x_transferred"]}, {"url": "http://packetstormsecurity.com/files/176421/OX-App-Suite-7.10.6-XSS-Command-Execution-LDAP-Injection.html", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:*:*:*:*:*:*:*:*", "matchCriteriaId": "5BBF1862-B6FF-4F32-A3C1-59D28BA25F81", "versionEndExcluding": "7.10.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:-:*:*:*:*:*:*", "matchCriteriaId": "3A4EAD2E-C3C3-4C79-8C42-375FFE638486", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev01:*:*:*:*:*:*", "matchCriteriaId": "39198733-D227-4935-9A60-1026040D262F", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev02:*:*:*:*:*:*", "matchCriteriaId": "3C86EE81-8CD4-4131-969A-BDA24B9B48E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev03:*:*:*:*:*:*", "matchCriteriaId": "F9E9C869-7DA9-4EFA-B613-82BA127F6CE5", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev04:*:*:*:*:*:*", "matchCriteriaId": "F8FAA329-5893-412B-8349-4DA3023CC76E", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev05:*:*:*:*:*:*", "matchCriteriaId": "BB6A57A4-B18D-498D-9A8C-406797A6255C", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev06:*:*:*:*:*:*", "matchCriteriaId": "7F0977F0-90B4-48B4-BED6-C218B5CA5E03", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev07:*:*:*:*:*:*", "matchCriteriaId": "4D55DE67-8F93-48F3-BE54-D3A065479281", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev08:*:*:*:*:*:*", "matchCriteriaId": "D27980B4-B71B-4DA8-B130-F0B5929F8E65", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev09:*:*:*:*:*:*", "matchCriteriaId": "DD1709BC-7DEB-4508-B3C3-B20F5FD001A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev10:*:*:*:*:*:*", "matchCriteriaId": "08A6BDD5-259E-4DC3-A548-00CD0D459749", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev11:*:*:*:*:*:*", "matchCriteriaId": "B8166FF4-77D8-4A12-92E5-615B3DA2E602", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev12:*:*:*:*:*:*", "matchCriteriaId": "999F057B-7918-461A-B60C-3BE72E92CDC9", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev13:*:*:*:*:*:*", "matchCriteriaId": "88FD1550-3715-493E-B674-9ECF3DD7A813", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev14:*:*:*:*:*:*", "matchCriteriaId": "F31A4949-397F-4D1B-8AEA-AC7B335722F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev15:*:*:*:*:*:*", "matchCriteriaId": "D33A91D4-CE21-486D-9469-B09060B8C637", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev16:*:*:*:*:*:*", "matchCriteriaId": "5E3E5CD2-7631-4DBE-AB4D-669E82BCCAD4", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev17:*:*:*:*:*:*", "matchCriteriaId": "2BEE0AF0-3D22-4DE7-9E71-A4469D9CA2EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev18:*:*:*:*:*:*", "matchCriteriaId": "AAFB199C-1D66-442D-AD7E-414DD339E1D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev19:*:*:*:*:*:*", "matchCriteriaId": "26322561-2491-4DC7-B974-0B92B61A5BDA", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev20:*:*:*:*:*:*", "matchCriteriaId": "A6BA6C2B-F2D5-4FF7-B316-C8E99C2B464B", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev21:*:*:*:*:*:*", "matchCriteriaId": "733E4A65-821B-4187-AA3A-1ACD3E882C07", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev22:*:*:*:*:*:*", "matchCriteriaId": "6B0A0043-33E8-4440-92AC-DDD70EA39535", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev23:*:*:*:*:*:*", "matchCriteriaId": "303205CC-8BDE-47EE-A675-9BA19983139A", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev24:*:*:*:*:*:*", "matchCriteriaId": "8C088014-47D6-4632-9FB5-2C7B1085B762", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev25:*:*:*:*:*:*", "matchCriteriaId": "42CF6057-EB40-4208-9F1E-83213E97987C", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev26:*:*:*:*:*:*", "matchCriteriaId": "966BC23E-B8CE-4F98-B3A6-4B620E8808BE", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev27:*:*:*:*:*:*", "matchCriteriaId": "7409CE19-ACC1-4AF4-8C8A-AE2CDBB63D3D", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev28:*:*:*:*:*:*", "matchCriteriaId": "17D71CDE-3111-459B-8520-F62E0D5D2972", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev29:*:*:*:*:*:*", "matchCriteriaId": "6D808ED6-F819-4014-BD24-4537D52DDFB0", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev30:*:*:*:*:*:*", "matchCriteriaId": "B3792A91-10E9-42D9-B852-37D369D8364E", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev31:*:*:*:*:*:*", "matchCriteriaId": "6F0BFEEF-8B19-4F71-B7F1-2CC94969616F", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev32:*:*:*:*:*:*", "matchCriteriaId": "52003F06-9351-49B6-A3C5-A2B6FC0B9F4D", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev33:*:*:*:*:*:*", "matchCriteriaId": "C8786112-32AE-4BA5-8D66-D4E2429D3228", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev34:*:*:*:*:*:*", "matchCriteriaId": "3A67F528-0248-4E24-A5AB-2995ED7D2600", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev35:*:*:*:*:*:*", "matchCriteriaId": "AE090C73-E093-4BD9-BEFE-634179500A78", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev36:*:*:*:*:*:*", "matchCriteriaId": "0A7CF0F7-5DF5-4749-A777-0F9EDCD14EA6", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev37:*:*:*:*:*:*", "matchCriteriaId": "EBE620A7-F071-4412-B0CE-7BCBF3BD7311", "vulnerable": true}, {"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev50:*:*:*:*:*:*", "matchCriteriaId": "1D7A5899-0795-452E-8B43-75C266AE6B88", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A component for parsing OXMF templates could be abused to execute arbitrary system commands that would be executed as the non-privileged runtime user. Users and attackers could run system commands with limited privilege to gain unauthorized access to confidential information and potentially violate integrity by modifying resources. The template engine has been reconfigured to deny execution of harmful commands on a system level. No publicly available exploits are known.\n\n"}, {"lang": "es", "value": "Se podr\u00eda abusar de un componente para analizar plantillas OXMF para ejecutar comandos arbitrarios del sistema que se ejecutar\u00edan como usuario de tiempo de ejecuci\u00f3n sin privilegios. Los usuarios y atacantes podr\u00edan ejecutar comandos del sistema con privilegios limitados para obtener acceso no autorizado a informaci\u00f3n confidencial y potencialmente violar la integridad al modificar recursos. El motor de plantillas se ha reconfigurado para denegar la ejecuci\u00f3n de comandos da\u00f1inos a nivel del sistema. No se conocen exploits disponibles p\u00fablicamente."}], "id": "CVE-2023-29048", "lastModified": "2024-01-12T14:09:06.640", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security@open-xchange.com", "type": "Secondary"}]}, "published": "2024-01-08T09:15:19.893", "references": [{"source": "security@open-xchange.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/176421/OX-App-Suite-7.10.6-XSS-Command-Execution-LDAP-Injection.html"}, {"source": "security@open-xchange.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2024/Jan/3"}, {"source": "security@open-xchange.com", "tags": ["Issue Tracking"], "url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0005.json"}, {"source": "security@open-xchange.com", "tags": ["Release Notes"], "url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6248_7.10.6_2023-09-19.pdf"}], "sourceIdentifier": "security@open-xchange.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-78"}], "source": "security@open-xchange.com", "type": "Secondary"}]}

{}