CVE-2018-9998
05.07.2018, 20:29
Open-Xchange OX App Suite before 7.6.3-rev37, 7.8.x before 7.8.2-rev40, 7.8.3 before 7.8.3-rev48, and 7.8.4 before 7.8.4-rev28 include folder names in API error responses, which allows remote attackers to obtain sensitive information via the folder parameter in an "all" action to api/tasks.Enginsight
| Vendor | Product | Version |
|---|---|---|
| open-xchange | open-xchange_appsuite | 𝑥 ≤ 7.6.3 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev14 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev15 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev16 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev17 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev18 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev20 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev22 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev23 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev24 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev25 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev26 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev28 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev29 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev30 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev31 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev32 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev33 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev35 |
| open-xchange | open-xchange_appsuite | 7.6.3:rev36 |
| open-xchange | open-xchange_appsuite | 7.8.0 |
| open-xchange | open-xchange_appsuite | 7.8.2 |
| open-xchange | open-xchange_appsuite | 7.8.3 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev10 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev11 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev12 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev13 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev14 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev15 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev16 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev17 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev18 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev19 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev20 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev21 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev22 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev23 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev24 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev25 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev26 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev27 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev28 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev29 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev30 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev31 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev32 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev33 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev34 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev35 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev36 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev38 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev39 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev40 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev41 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev42 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev43 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev44 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev45 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev46 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev47 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev5 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev6 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev8 |
| open-xchange | open-xchange_appsuite | 7.8.3:rev9 |
| open-xchange | open-xchange_appsuite | 7.8.4 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev10 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev11 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev13 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev14 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev15 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev16 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev17 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev18 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev19 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev20 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev21 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev22 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev23 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev24 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev25 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev26 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev27 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev3 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev4 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev5 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev6 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev7 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev8 |
| open-xchange | open-xchange_appsuite | 7.8.4:rev9 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration