CVE-2022-43698 — Vulnetix

CVE-2022-43698 PUBLISHED CVSS 4.300000190734863 MEDIUM

OX App Suite before 7.10.6-rev30 allows SSRF because changing a POP3 account disregards the deny-list.

EPSS 0.15% · 35.6th percentile

Risk Scores

CVSS 3.1

4.300000190734863

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS Score

0.15%

35.6th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	*
open-xchange	ox_app_suite	7.10.6, 7.10.6, 7.10.6

Exploit Intelligence

https://open-xchange.com (circl)
https://seclists.org/fulldisclosure/2023/Feb/3 (circl)

Timeline

Nov 1, 2022 CVE Published
Apr 15, 2023 EPSS Score
May 23, 2023 EPSS Score
Jun 29, 2023 EPSS Score
Aug 6, 2023 EPSS Score
Sep 12, 2023 EPSS Score
Oct 20, 2023 EPSS Score
Nov 27, 2023 EPSS Score
Jan 3, 2024 EPSS Score
Jan 22, 2024 CVE Updated
Feb 10, 2024 EPSS Score
Mar 19, 2024 EPSS Score

References

Open in Interactive Console →

$ Console Community · 100/wk Open console ›