{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T07:16:53.981","vulnerabilities":[{"cve":{"id":"CVE-2023-29046","sourceIdentifier":"security@open-xchange.com","published":"2023-11-02T14:15:11.217","lastModified":"2024-11-21T07:56:26.547","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Connections to external data sources, like e-mail autoconfiguration, were not terminated in case they hit a timeout, instead those connections were logged. Some connections use user-controlled endpoints, which could be malicious and attempt to keep the connection open for an extended period of time. As a result users were able to trigger large amount of egress network connections, possibly exhausting network pool resources and lock up legitimate requests. A new mechanism has been introduced to cancel external connections that might access user-controlled endpoints. No publicly available exploits are known.\n\n"},{"lang":"es","value":"Las conexiones a fuentes de datos externas, como la configuración automática de correo electrónico, no finalizaban en caso de que se agotara el tiempo de espera, sino que esas conexiones se registraban. Algunas conexiones utilizan endpoints controlados por el usuario, que podrían ser maliciosos e intentar mantener la conexión abierta durante un período prolongado. Como resultado, los usuarios pudieron activar una gran cantidad de conexiones de red de salida, lo que posiblemente agotó los recursos del grupo de redes y bloqueó solicitudes legítimas. Se ha introducido un nuevo mecanismo para cancelar conexiones externas que podrían acceder a endpoints controlados por el usuario. No se conocen exploits disponibles públicamente."}],"metrics":{"cvssMetricV31":[{"source":"security@open-xchange.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"security@open-xchange.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-400"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:*:*:*:*:*:*:*:*","versionEndExcluding":"7.10.6","matchCriteriaId":"59D4F30E-2F52-4948-9C69-C57472833C79"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:-:*:*:*:*:*:*","matchCriteriaId":"A144D75D-60A8-4EE0-813C-F658C626B2AA"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6069:*:*:*:*:*:*","matchCriteriaId":"2DA66230-DE02-4881-A893-E9E78286B157"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6073:*:*:*:*:*:*","matchCriteriaId":"955F3DFB-6479-4867-B62A-82730DBEB498"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6080:*:*:*:*:*:*","matchCriteriaId":"327D1B56-0D05-4D99-91D4-CC1F0AC32972"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6085:*:*:*:*:*:*","matchCriteriaId":"D0CD0684-C431-47F8-A2F4-1936D5C5A72B"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6093:*:*:*:*:*:*","matchCriteriaId":"EAA6A4A7-C1EE-4716-9F4D-2FF4C4D5FEC8"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6102:*:*:*:*:*:*","matchCriteriaId":"D0968764-CCEE-47A7-9111-E106D887DA43"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6112:*:*:*:*:*:*","matchCriteriaId":"16589FBB-F0CD-4041-8141-5C89FCCA72AF"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6121:*:*:*:*:*:*","matchCriteriaId":"3CB877EE-A5FE-4FF7-9D21-5C1CFA7343D4"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6133:*:*:*:*:*:*","matchCriteriaId":"0DF5FB90-8D6D-4F99-B454-411B1DFFA630"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6138:*:*:*:*:*:*","matchCriteriaId":"F58876B9-6C2E-4048-A793-B441A84E86F5"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6141:*:*:*:*:*:*","matchCriteriaId":"D5F177CB-CC45-45A0-9D02-C14A13ECC7A3"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6146:*:*:*:*:*:*","matchCriteriaId":"A89A4192-54E9-4899-8C7B-6C7F7E650D5C"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6147:*:*:*:*:*:*","matchCriteriaId":"F2DC1357-9CD5-415F-A190-2F3F4498EF96"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6148:*:*:*:*:*:*","matchCriteriaId":"D78ACF64-2802-44DD-AF7A-1BD5EA7F9908"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6150:*:*:*:*:*:*","matchCriteriaId":"E8F675FA-1684-413A-B1BE-1C5434AC2862"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6156:*:*:*:*:*:*","matchCriteriaId":"F3F1FDC3-35B2-4BDB-A685-75BC72588179"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6161:*:*:*:*:*:*","matchCriteriaId":"5B1E509D-2F41-4296-86D2-6BD71783060F"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6166:*:*:*:*:*:*","matchCriteriaId":"AC93EA37-F341-45EC-B651-4F326FB8C613"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6173:*:*:*:*:*:*","matchCriteriaId":"1A4DB8A6-1702-462C-BFCB-39F91D2EFCE1"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6176:*:*:*:*:*:*","matchCriteriaId":"FC0AEFDB-D033-47FC-93FC-8652F922BB8C"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6178:*:*:*:*:*:*","matchCriteriaId":"B5354768-6527-43C2-B492-A8C14AB4E784"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6189:*:*:*:*:*:*","matchCriteriaId":"D83F26D1-B8C6-4114-81EC-810DD5412DC8"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6194:*:*:*:*:*:*","matchCriteriaId":"E9EBC010-9963-4636-96F7-A121FCF755A7"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6199:*:*:*:*:*:*","matchCriteriaId":"F626D64B-C301-4CD8-94B4-48689BD3F29C"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6204:*:*:*:*:*:*","matchCriteriaId":"5E32810C-7B35-42F1-BCA5-E10C02BE2215"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6205:*:*:*:*:*:*","matchCriteriaId":"6539D059-8614-4C26-93C4-C2DDCC5D35E2"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6209:*:*:*:*:*:*","matchCriteriaId":"E359EE75-A2F9-479B-B757-CAE1064AB8F4"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6210:*:*:*:*:*:*","matchCriteriaId":"0BCABDEF-D292-406E-B53C-AFF22484E916"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6214:*:*:*:*:*:*","matchCriteriaId":"ABE8872C-B1DD-4A45-8EF8-E8C355CA6C54"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6215:*:*:*:*:*:*","matchCriteriaId":"44B20B83-833A-4C68-8693-365BD046C157"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6216:*:*:*:*:*:*","matchCriteriaId":"E254E6D1-D18E-4A2A-A2FF-7D03F39E65DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6218:*:*:*:*:*:*","matchCriteriaId":"5F0C5E53-4D15-425A-B4CF-5869353724BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6219:*:*:*:*:*:*","matchCriteriaId":"2F4BF5F1-F316-4BAC-83E0-DEAC8C50754E"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6220:*:*:*:*:*:*","matchCriteriaId":"5CDD03A8-5B86-4B87-9C29-6C967261C5C0"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6227:*:*:*:*:*:*","matchCriteriaId":"6071E15F-4D59-41DC-A4D4-7D1AA392A1F2"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6230:*:*:*:*:*:*","matchCriteriaId":"C72C1CEB-7BF7-4A5F-B2E9-397F86CCBF4E"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6233:*:*:*:*:*:*","matchCriteriaId":"5B0F0218-4224-4084-B38D-9719D3782C03"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6235:*:*:*:*:*:*","matchCriteriaId":"BFC41329-1AD6-4575-A22D-977EC5539DA4"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6236:*:*:*:*:*:*","matchCriteriaId":"217A06B7-0823-4508-BC0C-AD792BA88F7B"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6239:*:*:*:*:*:*","matchCriteriaId":"246E98B2-A6C8-4410-AA6A-7E81EE8C5E76"},{"vulnerable":true,"criteria":"cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6241:*:*:*:*:*:*","matchCriteriaId":"74D1EC02-D009-45DA-B1EC-2219E0F0183C"}]}]}],"references":[{"url":"https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0004.json","source":"security@open-xchange.com"},{"url":"https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6243_7.10.6_2023-08-01.pdf","source":"security@open-xchange.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0004.json","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6243_7.10.6_2023-08-01.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]}]}}]}