CVE-2013-5200

Open-Xchange AppSuite <7.0.2-7.2.2 - Info Disclosure

Title source: llm

Description

The (1) REST and (2) memcache interfaces in the Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 do not require authentication, which allows remote attackers to obtain sensitive information or modify data via an API call.

References (1)

[Exploit] http://archives.neohapsis.com/archives/bugtraq/2013-09/0032.html

Scores

EPSS 0.0051

EPSS Percentile 66.2%

Classification

CWE

CWE-287

Status draft

Affected Products (4)

open-xchange/open-xchange_appsuite

Timeline

Published Sep 25, 2013

Tracked Since Feb 18, 2026