CVE-2023-24598

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published May 29, 2023

Updated: Jan 14, 2025

CWE ID 203

Summary

CVE-2023-24598 is a vulnerability affecting OX App Suite before backend 7.10.6-rev37. This issue involves an information leak, where distribution lists are mishandled, leading to partial disclosure of private contacts belonging to other users. An attacker could potentially exploit this vulnerability by gaining unauthorized access to another user's contact list. This could pose a significant risk to users, particularly in professional or organizational environments, where confidential contact information is routinely shared. It is strongly recommended that users upgrade to the latest version of OX App Suite to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

OX App Suite

Affected Vendors

Open-xchange

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Submarine Cables Face Increasing Threats Amid Geopolitical Tensions and Limited Repair Capacity

US Violent Extremists Likely Shifting Focus to Targeted Physical Threats in 2025

DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal

Know What Matters

For Customers

For Partners