What is the severity of CVE-2023-24605?

The severity of CVE-2023-24605 is medium with a severity value of 4.

How does CVE-2023-24605 affect Open-xchange Ox App Suite?

CVE-2023-24605 affects Open-xchange Ox App Suite versions 7.10.6-rev01 to 7.10.6-rev30.

Does CVE-2023-24605 enforce 2FA for all endpoints?

No, CVE-2023-24605 does not enforce 2FA for all endpoints.

Which endpoints are affected by CVE-2023-24605?

CVE-2023-24605 affects endpoints such as reading from a drive, reading contact data, and renaming tokens.

Where can I find more information about CVE-2023-24605?

You can find more information about CVE-2023-24605 on the Open-xchange website and the seclists.org security mailing list.

Vulnerability/
CVE-2023-24605

medium

4.2

CWE

862

29/5/2023

14/1/2025

CVE-2023-24605

First published: Mon May 29 2023(Updated: )

OX App Suite before backend 7.10.6-rev37 does not enforce 2FA for all endpoints, e.g., reading from a drive, reading contact data, and renaming tokens.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
Open-Xchange App Suite Backend	=7.10.6-rev01
Open-Xchange App Suite Backend	=7.10.6-rev02
Open-Xchange App Suite Backend	=7.10.6-rev03
Open-Xchange App Suite Backend	=7.10.6-rev04
Open-Xchange App Suite Backend	=7.10.6-rev05
Open-Xchange App Suite Backend	=7.10.6-rev06
Open-Xchange App Suite Backend	=7.10.6-rev07
Open-Xchange App Suite Backend	=7.10.6-rev08
Open-Xchange App Suite Backend	=7.10.6-rev09
Open-Xchange App Suite Backend	=7.10.6-rev10
Open-Xchange App Suite Backend	=7.10.6-rev11
Open-Xchange App Suite Backend	=7.10.6-rev12
Open-Xchange App Suite Backend	=7.10.6-rev13
Open-Xchange App Suite Backend	=7.10.6-rev14
Open-Xchange App Suite Backend	=7.10.6-rev15
Open-Xchange App Suite Backend	=7.10.6-rev16
Open-Xchange App Suite Backend	=7.10.6-rev17
Open-Xchange App Suite Backend	=7.10.6-rev18
Open-Xchange App Suite Backend	=7.10.6-rev19
Open-Xchange App Suite Backend	=7.10.6-rev20
Open-Xchange App Suite Backend	=7.10.6-rev21
Open-Xchange App Suite Backend	=7.10.6-rev22
Open-Xchange App Suite Backend	=7.10.6-rev23
Open-Xchange App Suite Backend	=7.10.6-rev24
Open-Xchange App Suite Backend	=7.10.6-rev25
Open-Xchange App Suite Backend	=7.10.6-rev26
Open-Xchange App Suite Backend	=7.10.6-rev27
Open-Xchange App Suite Backend	=7.10.6-rev28
Open-Xchange App Suite Backend	=7.10.6-rev29
Open-Xchange App Suite Backend	=7.10.6-rev30
Open-Xchange App Suite Backend	<7.10.6
Open-Xchange App Suite Backend	=7.10.6
Open-Xchange App Suite Backend	=7.10.6-rev36
Open-Xchange App Suite Backend	=7.10.6-rev35
Open-Xchange App Suite Backend	=7.10.6-rev34
Open-Xchange App Suite Backend	=7.10.6-rev33
Open-Xchange App Suite Backend	=7.10.6-rev32
Open-Xchange App Suite Backend	=7.10.6-rev31

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2023-24605?
The severity of CVE-2023-24605 is medium with a severity value of 4.
How does CVE-2023-24605 affect Open-xchange Ox App Suite?
CVE-2023-24605 affects Open-xchange Ox App Suite versions 7.10.6-rev01 to 7.10.6-rev30.
Does CVE-2023-24605 enforce 2FA for all endpoints?
No, CVE-2023-24605 does not enforce 2FA for all endpoints.
Which endpoints are affected by CVE-2023-24605?
CVE-2023-24605 affects endpoints such as reading from a drive, reading contact data, and renaming tokens.
Where can I find more information about CVE-2023-24605?
You can find more information about CVE-2023-24605 on the Open-xchange website and the seclists.org security mailing list.

agent/references
agent/type
agent/severity
agent/weakness
agent/description
agent/first-publish-date
agent/event
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/author
agent/source
agent/tags
agent/softwarecombine
collector/nvd-latest
vendor/open-xchange
vendor/ox app suite
agent/software-canonical-lookup-request
collector/nvd-index
collector/nvd-api
source/NVD
agent/software-canonical-lookup
canonical/open-xchange app suite backend
version/open-xchange app suite backend/7.10.6-rev01
version/open-xchange app suite backend/7.10.6-rev02
version/open-xchange app suite backend/7.10.6-rev03
version/open-xchange app suite backend/7.10.6-rev04
version/open-xchange app suite backend/7.10.6-rev05
version/open-xchange app suite backend/7.10.6-rev06
version/open-xchange app suite backend/7.10.6-rev07
version/open-xchange app suite backend/7.10.6-rev08
version/open-xchange app suite backend/7.10.6-rev09
version/open-xchange app suite backend/7.10.6-rev10
version/open-xchange app suite backend/7.10.6-rev11
version/open-xchange app suite backend/7.10.6-rev12
version/open-xchange app suite backend/7.10.6-rev13
version/open-xchange app suite backend/7.10.6-rev14
version/open-xchange app suite backend/7.10.6-rev15
version/open-xchange app suite backend/7.10.6-rev16
version/open-xchange app suite backend/7.10.6-rev17
version/open-xchange app suite backend/7.10.6-rev18
version/open-xchange app suite backend/7.10.6-rev19
version/open-xchange app suite backend/7.10.6-rev20
version/open-xchange app suite backend/7.10.6-rev21
version/open-xchange app suite backend/7.10.6-rev22
version/open-xchange app suite backend/7.10.6-rev23
version/open-xchange app suite backend/7.10.6-rev24
version/open-xchange app suite backend/7.10.6-rev25
version/open-xchange app suite backend/7.10.6-rev26
version/open-xchange app suite backend/7.10.6-rev27
version/open-xchange app suite backend/7.10.6-rev28
version/open-xchange app suite backend/7.10.6-rev29
version/open-xchange app suite backend/7.10.6-rev30
version/open-xchange app suite backend/7.10.6
version/open-xchange app suite backend/7.10.6-rev36
version/open-xchange app suite backend/7.10.6-rev35
version/open-xchange app suite backend/7.10.6-rev34
version/open-xchange app suite backend/7.10.6-rev33
version/open-xchange app suite backend/7.10.6-rev32
version/open-xchange app suite backend/7.10.6-rev31