{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-22T11:37:42.136","vulnerabilities":[{"cve":{"id":"CVE-2013-6009","sourceIdentifier":"cve@mitre.org","published":"2013-10-03T19:55:21.540","lastModified":"2026-06-16T23:59:52.887","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"CRLF injection vulnerability in Open-Xchange AppSuite before 7.2.2, when using AJP in certain conditions, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the ajax/defer servlet."},{"lang":"es","value":"Vulnerabilidad de inyección CRLF en Open-Xchange AppSuite anterior a la versión 7.2.2, cuando se usa AJP en ciertas condiciones, permite a atacantes remotos inyectar cabeceras HTTP arbitrarias y llevar a cabo ataques de división de respuestas HTTP a través del servlet ajax/defer."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:*:*:*:*:*:*:*:*","versionEndIncluding":"7.2.1","matchCriteriaId":"C706FA8C-6D31-40A4-8B5A-ED1CA206B1CA"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:6.20.7:*:*:*:*:*:*:*","matchCriteriaId":"983E5F3A-E7AD-4CCA-80D4-9C012AFCCDD4"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:6.22.0:*:*:*:*:*:*:*","matchCriteriaId":"2F85EE0C-B7A0-455A-96F6-E4E6BA5D7216"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:6.22.1:*:*:*:*:*:*:*","matchCriteriaId":"2D9572CB-9A46-492E-BDCC-E01849EF0EC0"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.0.1:*:*:*:*:*:*:*","matchCriteriaId":"138461CD-9C27-40E5-B7A0-A37737B6E942"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.0.2:*:*:*:*:*:*:*","matchCriteriaId":"108BCEFD-3098-4919-9B0C-E80F6FA1C102"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.2.0:*:*:*:*:*:*:*","matchCriteriaId":"DDBB02DF-1022-4FE5-B5E1-198DC58F8C1B"}]}]}],"references":[{"url":"http://www.securityfocus.com/archive/1/528940","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/archive/1/528940","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}