CVE-2022-43698: SSRF
First published: Sat Apr 15 2023(Updated: )
OX App Suite before 7.10.6-rev30 allows SSRF because changing a POP3 account disregards the deny-list.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Open-xchange Ox App Suite | <7.10.6 | |
| Open-xchange Ox App Suite | =7.10.6 | |
| Open-xchange Ox App Suite | =7.10.6-rev01 | |
| Open-xchange Ox App Suite | =7.10.6-rev02 | |
| Open-xchange Ox App Suite | =7.10.6-rev03 | |
| Open-xchange Ox App Suite | =7.10.6-rev04 | |
| Open-xchange Ox App Suite | =7.10.6-rev05 | |
| Open-xchange Ox App Suite | =7.10.6-rev06 | |
| Open-xchange Ox App Suite | =7.10.6-rev07 | |
| Open-xchange Ox App Suite | =7.10.6-rev08 | |
| Open-xchange Ox App Suite | =7.10.6-rev09 | |
| Open-xchange Ox App Suite | =7.10.6-rev10 | |
| Open-xchange Ox App Suite | =7.10.6-rev11 | |
| Open-xchange Ox App Suite | =7.10.6-rev12 | |
| Open-xchange Ox App Suite | =7.10.6-rev13 | |
| Open-xchange Ox App Suite | =7.10.6-rev14 | |
| Open-xchange Ox App Suite | =7.10.6-rev15 | |
| Open-xchange Ox App Suite | =7.10.6-rev16 | |
| Open-xchange Ox App Suite | =7.10.6-rev17 | |
| Open-xchange Ox App Suite | =7.10.6-rev18 | |
| Open-xchange Ox App Suite | =7.10.6-rev19 | |
| Open-xchange Ox App Suite | =7.10.6-rev20 | |
| Open-xchange Ox App Suite | =7.10.6-rev21 | |
| Open-xchange Ox App Suite | =7.10.6-rev22 | |
| Open-xchange Ox App Suite | =7.10.6-rev23 | |
| Open-xchange Ox App Suite | =7.10.6-rev24 | |
| Open-xchange Ox App Suite | =7.10.6-rev25 | |
| Open-xchange Ox App Suite | =7.10.6-rev26 | |
| Open-xchange Ox App Suite | =7.10.6-rev27 | |
| Open-xchange Ox App Suite | =7.10.6-rev28 | |
| Open-xchange Ox App Suite | =7.10.6-rev29 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2022-43698?
CVE-2022-43698 is a vulnerability in OX App Suite before 7.10.6-rev30 that allows Server-Side Request Forgery (SSRF) when changing a POP3 account disregards the deny-list.
Which software versions are affected by CVE-2022-43698?
OX App Suite versions up to and including 7.10.6-rev30 are affected by CVE-2022-43698.
What is the severity of CVE-2022-43698?
CVE-2022-43698 has a severity rating of 4.3 (medium).
How can I fix CVE-2022-43698?
To fix CVE-2022-43698, update OX App Suite to version 7.10.6-rev30 or higher.
Where can I find more information about CVE-2022-43698?
More information about CVE-2022-43698 can be found at the following references: [link1](https://open-xchange.com), [link2](https://seclists.org/fulldisclosure/2023/Feb/3).
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/open-xchange
- canonical/open-xchange ox app suite
- version/open-xchange ox app suite/7.10.6
- version/open-xchange ox app suite/7.10.6-rev01
- version/open-xchange ox app suite/7.10.6-rev02
- version/open-xchange ox app suite/7.10.6-rev03
- version/open-xchange ox app suite/7.10.6-rev04
- version/open-xchange ox app suite/7.10.6-rev05
- version/open-xchange ox app suite/7.10.6-rev06
- version/open-xchange ox app suite/7.10.6-rev07
- version/open-xchange ox app suite/7.10.6-rev08
- version/open-xchange ox app suite/7.10.6-rev09
- version/open-xchange ox app suite/7.10.6-rev10
- version/open-xchange ox app suite/7.10.6-rev11
- version/open-xchange ox app suite/7.10.6-rev12
- version/open-xchange ox app suite/7.10.6-rev13
- version/open-xchange ox app suite/7.10.6-rev14
- version/open-xchange ox app suite/7.10.6-rev15
- version/open-xchange ox app suite/7.10.6-rev16
- version/open-xchange ox app suite/7.10.6-rev17
- version/open-xchange ox app suite/7.10.6-rev18
- version/open-xchange ox app suite/7.10.6-rev19
- version/open-xchange ox app suite/7.10.6-rev20
- version/open-xchange ox app suite/7.10.6-rev21
- version/open-xchange ox app suite/7.10.6-rev22
- version/open-xchange ox app suite/7.10.6-rev23
- version/open-xchange ox app suite/7.10.6-rev24
- version/open-xchange ox app suite/7.10.6-rev25
- version/open-xchange ox app suite/7.10.6-rev26
- version/open-xchange ox app suite/7.10.6-rev27
- version/open-xchange ox app suite/7.10.6-rev28
- version/open-xchange ox app suite/7.10.6-rev29