CVE-2014-9466

Published: Feb 17, 2015Modified: May 6, 2026

4.0

Vector

AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability: 8.0 / Impact: 2.9

Source: NVD

Description

Open-Xchange (OX) AppSuite and Server before 7.4.2-rev42, 7.6.0 before 7.6.0-rev36, and 7.6.1 before 7.6.1-rev14 does not properly handle directory permissions, which allows remote authenticated users to read files via unspecified vectors, related to the "folder identifier."

Affected (3)

Products: Open Xchange: Open Xchange Appsuite

1 product

Open Xchange Appsuite

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Open Xchange Open Xchange Appsuite	Version 7.4.2
Open Xchange Open Xchange Appsuite	Version 7.6.0
Open Xchange Open Xchange Appsuite	Version 7.6.1

Related CWEs

References (10)

http://packetstormsecurity.com/files/130379/Open-Xchange-Server-6-OX-AppSuite-7.6.1-Exposure.html

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/534695/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/72587

Source: cve@mitre.org

http://www.securitytracker.com/id/1031744

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/100867

Source: cve@mitre.org

http://packetstormsecurity.com/files/130379/Open-Xchange-Server-6-OX-AppSuite-7.6.1-Exposure.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/534695/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/72587

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1031744

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/100867

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.