First published: Mon Aug 31 2020(Updated: )
OX App Suite 7.10.1 to 7.10.3 has improper input validation for rate limits with a crafted User-Agent header, spoofed vacation notices, and /apps/load memory consumption.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Open-xchange Open-xchange Appsuite | >=7.10.1<=7.10.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2020-12645 is classified as critical with a CVSS score of 9.8.
OX App Suite versions 7.10.1 to 7.10.3 are affected by CVE-2020-12645.
CVE-2020-12645 can lead to improper input validation for rate limits, spoofed vacation notices, and excessive memory consumption in /apps/load.
To mitigate CVE-2020-12645, it is recommended to update OX App Suite to a version beyond 7.10.3.
More information about CVE-2020-12645 can be found at the following references: [1] [2].