CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-26455

RMI was not requiring authentication when calling ChronosRMIService:setEventOrganizer. Attackers with local or adjacent network access could abuse the RMI service to modify calendar items using RMI. RMI access is restricted to localhost by default. The interface has been updated to require authenticated requests. No publicly available exploits are known.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 5.8%

CVSS Severity

CVSS v3 Score 5.6

References

Products affected by CVE-2023-26455

Open-Xchange » Open-Xchange Appsuite » Version: 6.20.7

cpe:2.3:a:open-xchange:open-xchange_appsuite:6.20.7
Open-Xchange » Open-Xchange Appsuite » Version: 6.22.0

cpe:2.3:a:open-xchange:open-xchange_appsuite:6.22.0
Open-Xchange » Open-Xchange Appsuite » Version: 6.22.1

cpe:2.3:a:open-xchange:open-xchange_appsuite:6.22.1
Open-Xchange » Open-Xchange Appsuite » Version: 6.22.3

cpe:2.3:a:open-xchange:open-xchange_appsuite:6.22.3
Open-Xchange » Open-Xchange Appsuite » Version: 6.22.4

cpe:2.3:a:open-xchange:open-xchange_appsuite:6.22.4
Open-Xchange » Open-Xchange Appsuite » Version: 7.0.1

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.0.1
Open-Xchange » Open-Xchange Appsuite » Version: 7.0.2

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.0.2
Open-Xchange » Open-Xchange Appsuite » Version: 7.10.0

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.0
Open-Xchange » Open-Xchange Appsuite » Version: 7.10.1

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1
Open-Xchange » Open-Xchange Appsuite » Version: 7.10.2

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.2
Open-Xchange » Open-Xchange Appsuite » Version: 7.10.3

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.3
Open-Xchange » Open-Xchange Appsuite » Version: 7.10.4

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.4
Open-Xchange » Open-Xchange Appsuite » Version: 7.10.5

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5
Open-Xchange » Open-Xchange Appsuite » Version: 7.10.6

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6
Open-Xchange » Open-Xchange Appsuite » Version: 7.2.0

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.2.0
Open-Xchange » Open-Xchange Appsuite » Version: 7.2.1

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.2.1
Open-Xchange » Open-Xchange Appsuite » Version: 7.2.2

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.2.2
Open-Xchange » Open-Xchange Appsuite » Version: 7.4.0

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.4.0
Open-Xchange » Open-Xchange Appsuite » Version: 7.4.1

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.4.1
Open-Xchange » Open-Xchange Appsuite » Version: 7.4.2

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.4.2
Open-Xchange » Open-Xchange Appsuite » Version: 7.6.0

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.6.0
Open-Xchange » Open-Xchange Appsuite » Version: 7.6.1

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.6.1
Open-Xchange » Open-Xchange Appsuite » Version: 7.6.2

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.6.2
Open-Xchange » Open-Xchange Appsuite » Version: 7.6.3

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.6.3
Open-Xchange » Open-Xchange Appsuite » Version: 7.8.0

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.8.0
Open-Xchange » Open-Xchange Appsuite » Version: 7.8.1

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.8.1
Open-Xchange » Open-Xchange Appsuite » Version: 7.8.2

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.8.2
Open-Xchange » Open-Xchange Appsuite » Version: 7.8.3

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.8.3
Open-Xchange » Open-Xchange Appsuite » Version: 7.8.4

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.8.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-26455

Products

Pricing

Contact Us