CVE-2018-5756

Published: Jun 16, 2018Modified: Nov 21, 2024

4.3

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 does not properly check for folder-to-object association, which allows remote authenticated users to delete arbitrary tasks via the task id in a delete action to api/tasks.

Affected (78)

Products: Open Xchange: Open Xchange Appsuite

Open Xchange

1 product

Open Xchange Appsuite

Configuration A

78 vulnerable

Vulnerable Software	Affected Versions
Open Xchange Open Xchange Appsuite	Up to 7.6.3
Open Xchange Open Xchange Appsuite	Version 7.6.3 rev14
Open Xchange Open Xchange Appsuite	Version 7.6.3 rev15
Open Xchange Open Xchange Appsuite	Version 7.6.3 rev16
Open Xchange Open Xchange Appsuite	Version 7.6.3 rev17
Open Xchange Open Xchange Appsuite	Version 7.6.3 rev18
Open Xchange Open Xchange Appsuite	Version 7.6.3 rev20
Open Xchange Open Xchange Appsuite	Version 7.6.3 rev22
Open Xchange Open Xchange Appsuite	Version 7.6.3 rev23
Open Xchange Open Xchange Appsuite	Version 7.6.3 rev24
Open Xchange Open Xchange Appsuite	Version 7.6.3 rev25
Open Xchange Open Xchange Appsuite	Version 7.6.3 rev26
Open Xchange Open Xchange Appsuite	Version 7.6.3 rev28
Open Xchange Open Xchange Appsuite	Version 7.6.3 rev29
Open Xchange Open Xchange Appsuite	Version 7.6.3 rev30
Open Xchange Open Xchange Appsuite	Version 7.6.3 rev31
Open Xchange Open Xchange Appsuite	Version 7.6.3 rev32
Open Xchange Open Xchange Appsuite	Version 7.6.3 rev33
Open Xchange Open Xchange Appsuite	Version 7.6.3 rev35
Open Xchange Open Xchange Appsuite	Version 7.8.0
Open Xchange Open Xchange Appsuite	Version 7.8.2
Open Xchange Open Xchange Appsuite	Version 7.8.3
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev10
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev11
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev12
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev13
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev14
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev15
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev16
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev17
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev18
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev19
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev20
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev21
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev22
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev23
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev24
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev25
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev26
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev27
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev28
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev29
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev30
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev31
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev32
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev33
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev34
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev35
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev36
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev38
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev39
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev40
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev41
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev42
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev43
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev5
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev6
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev8
Open Xchange Open Xchange Appsuite	Version 7.8.3 rev9
Open Xchange Open Xchange Appsuite	Version 7.8.4
Open Xchange Open Xchange Appsuite	Version 7.8.4 rev10
Open Xchange Open Xchange Appsuite	Version 7.8.4 rev11
Open Xchange Open Xchange Appsuite	Version 7.8.4 rev13
Open Xchange Open Xchange Appsuite	Version 7.8.4 rev14
Open Xchange Open Xchange Appsuite	Version 7.8.4 rev15
Open Xchange Open Xchange Appsuite	Version 7.8.4 rev16
Open Xchange Open Xchange Appsuite	Version 7.8.4 rev17
Open Xchange Open Xchange Appsuite	Version 7.8.4 rev18
Open Xchange Open Xchange Appsuite	Version 7.8.4 rev19
Open Xchange Open Xchange Appsuite	Version 7.8.4 rev20
Open Xchange Open Xchange Appsuite	Version 7.8.4 rev21
Open Xchange Open Xchange Appsuite	Version 7.8.4 rev3
Open Xchange Open Xchange Appsuite	Version 7.8.4 rev4
Open Xchange Open Xchange Appsuite	Version 7.8.4 rev5
Open Xchange Open Xchange Appsuite	Version 7.8.4 rev6
Open Xchange Open Xchange Appsuite	Version 7.8.4 rev7
Open Xchange Open Xchange Appsuite	Version 7.8.4 rev8
Open Xchange Open Xchange Appsuite	Version 7.8.4 rev9