CVE-2023-26442
low-risk
Published 2023-08-02
In case Cacheservice was configured to use a sproxyd object-storage backend, it would follow HTTP redirects issued by that backend. An attacker with access to a local or restricted network with the capability to intercept and replay HTTP requests to sproxyd (or who is in control of the sproxyd service) could perform a server-side request-forgery attack and make Cacheservice connect to unexpected resources. We have disabled the ability to follow HTTP redirects when connecting to sproxyd resources. No publicly available exploits are known.
Do I need to act?
-
0.04% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
3
CVSS 3.2/10
Low
LOCAL
/ HIGH complexity
Affected Products (1)
Open-Xchange Appsuite Office
Affected Vendors
References (8)
Third Party Advisory
http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cros...
Mailing List
http://seclists.org/fulldisclosure/2023/Aug/8
Third Party Advisory
http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cros...
Mailing List
http://seclists.org/fulldisclosure/2023/Aug/8
13
/ 100
low-risk
Severity
8/34 · Low
Exploitability
0/34 · Minimal
Exposure
5/34 · Minimal