CVE-2014-2078

Published: Apr 10, 2018Modified: Nov 21, 2024

5.3

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

The backend in Open-Xchange (OX) AppSuite 7.4.2 before 7.4.2-rev9 allows remote attackers to obtain sensitive information about user email addresses in opportunistic circumstances by leveraging a failure in e-mail auto configuration for external accounts.

Affected (1)

Products: Open Xchange: Open Xchange Appsuite

1 product

Open Xchange Appsuite

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Open Xchange Open Xchange Appsuite	Version 7.4.2

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

http://www.securityfocus.com/archive/1/531502/100/0/threaded

Source: cve@mitre.org

MitigationThird Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/92017

Source: cve@mitre.org

VDB EntryVendor Advisory

http://www.securityfocus.com/archive/1/531502/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

MitigationThird Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/92017

Source: af854a3a-2127-422b-91ae-364da2661108

VDB EntryVendor Advisory

Timeline

No history available yet.