CVE-2013-5935
Open-Xchange AppSuite 7.0.x < 7.0.2-rev15 and 7.2.x < 7.2.2-rev16 - Unauthorized Access via Hazelcast Cluster API
Title source: llmDescription
The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 does not properly restrict the set of network interfaces that can receive API calls, which makes it easier for remote attackers to obtain access by sending network traffic from an unintended location, a different vulnerability than CVE-2013-5200.
References (1)
Core 1
Core References
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2013-09/0032.html
Scores
EPSS
0.0025
EPSS Percentile
48.3%
Details
CWE
CWE-200
Status
published
Products (4)
open-xchange/open-xchange_appsuite
7.0.1
open-xchange/open-xchange_appsuite
7.0.2
open-xchange/open-xchange_appsuite
7.2.0
open-xchange/open-xchange_appsuite
7.2.1
Published
Sep 25, 2013
Tracked Since
Feb 18, 2026