CVE-2018-5756
16.06.2018, 01:29
The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 does not properly check for folder-to-object association, which allows remote authenticated users to delete arbitrary tasks via the task id in a delete action to api/tasks.Enginsight
| Vendor | Product | Version |
|---|---|---|
| open-xchange | open-xchange_appsuite | 𝑥 ≤ 7.6.3 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev14 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev15 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev16 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev17 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev18 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev20 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev22 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev23 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev24 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev25 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev26 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev28 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev29 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev30 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev31 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev32 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev33 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev35 |
| open-xchange | open-xchange_appsuite | 7.8.0 |
| open-xchange | open-xchange_appsuite | 7.8.2 |
| open-xchange | open-xchange_appsuite | 7.8.3 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev10 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev11 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev12 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev13 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev14 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev15 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev16 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev17 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev18 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev19 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev20 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev21 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev22 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev23 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev24 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev25 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev26 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev27 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev28 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev29 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev30 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev31 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev32 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev33 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev34 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev35 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev36 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev38 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev39 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev40 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev41 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev42 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev43 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev5 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev6 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev8 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev9 |
| open-xchange | open-xchange_appsuite | 7.8.4 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev10 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev11 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev13 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev14 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev15 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev16 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev17 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev18 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev19 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev20 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev21 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev3 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev4 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev5 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev6 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev7 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev8 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev9 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References