{ "affected": [ { "database_specific": { "unresolved_ranges": [ { "events": [ { "introduced": "0" }, { "last_affected": "7.10.6-rev01" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.10.6-rev02" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.10.6-rev03" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.10.6-rev04" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.10.6-rev05" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.10.6-rev06" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.10.6-rev07" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.10.6-rev08" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.10.6-rev09" } ] } ] }, "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "fixed": "7.10.6" }, { "introduced": "0" }, { "last_affected": "7.10.6-NA" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev10" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev11" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev12" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev13" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev14" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev15" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev16" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev17" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev18" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev19" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev20" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev21" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev22" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev23" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev24" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev25" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev26" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev27" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev28" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev29" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev30" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev31" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev32" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev33" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev34" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev35" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev36" } ] }, "events": [ { "introduced": "0" }, { "fixed": "489e7d0bf2bb0dc4c984860c4ce6f4d772086875" }, { "introduced": "0" }, { "last_affected": "489e7d0bf2bb0dc4c984860c4ce6f4d772086875" }, { "introduced": "0" }, { "last_affected": "3bf675812dfb666d3dc1bacfc72ed6ba4f19643f" }, { "introduced": "0" }, { "last_affected": "cda1b78b8fa8d35a1602003a9d90fddef2461694" }, { "introduced": "0" }, { "last_affected": "726dba94c43ad95f10aadd3e6ac2bbe4debf4347" }, { "introduced": "0" }, { "last_affected": "22378bdb996bcf376a5122b6f001c7c7c7b7088b" }, { "introduced": "0" }, { "last_affected": "3390ea1e54eab7c269d5e5f2e6791f36cf1ebff8" }, { "introduced": "0" }, { "last_affected": "281ea2f50a7c2c686d66b51e4c8782f6fa5ce75f" }, { "introduced": "0" }, { "last_affected": "065be8690dd07bd17ab711961085b4350dcbd7e2" }, { "introduced": "0" }, { "last_affected": "41eee98c698de20700aa45222fdefebc86fee3db" }, { "introduced": "0" }, { "last_affected": "4703ef3de5fb9e5c9187a33edfba8867561f2fe2" }, { "introduced": "0" }, { "last_affected": "7bfa5af1d7745d2ec61a8537c56734dc809c2e34" }, { "introduced": "0" }, { "last_affected": "3e8727d4155bd7aa6c1c45fc73e7bae75d6c7792" }, { "introduced": "0" }, { "last_affected": "7478627b8aa3e8da77d9ac54788ebb6e163ebbf0" }, { "introduced": "0" }, { "last_affected": "ea2365c9bde278334ffb54d6b34a1f7ef0a0c884" }, { "introduced": "0" }, { "last_affected": "021e33ad79d579d1aafd21fde5da27ab133bdfd1" }, { "introduced": "0" }, { "last_affected": "26b9f421ce109fdc1b0d62eea79ad394e4f46087" }, { "introduced": "0" }, { "last_affected": "8812d22a3cf1d7865f5e7a73151c0da12094393a" }, { "introduced": "0" }, { "last_affected": "a77b31dd0452e95f1556ef8e05cf66330a3c2821" }, { "introduced": "0" }, { "last_affected": "4952e487347f9b7a66aab46b3da5aaea38faf970" }, { "introduced": "0" }, { "last_affected": "31c26beab22872a14b9ded7908efcae6438be25e" }, { "introduced": "0" }, { "last_affected": "44346efd29f6f2a5bc2880a95ffbe885c86898f2" }, { "introduced": "0" }, { "last_affected": "5c4b1282b0c830f6520e36b13db08d8e6e4f5770" }, { "introduced": "0" }, { "last_affected": "14bae8c27e32a6c2f1a6c1c140c4979d2205a226" }, { "introduced": "0" }, { "last_affected": "6cb2674122511edacac3cc0c9c21069850191043" }, { "introduced": "0" }, { "last_affected": "6f3612650ebd6cd57fafa62d644bc503c07e05bf" }, { "introduced": "0" }, { "last_affected": "722628ce97f9626245edc01f07e7f0b7afb12ae5" }, { "introduced": "0" }, { "last_affected": "cee97aa8544663baff4c94d38a4234534d00619e" }, { "introduced": "0" }, { "last_affected": "efe84c3e5c1d116b8de98b33deada8c4d1b14a28" } ], "repo": "https://github.com/open-xchange/appsuite-frontend", "type": "GIT" } ] } ], "details": "OX App Suite before backend 7.10.6-rev37 does not enforce 2FA for all endpoints, e.g., reading from a drive, reading contact data, and renaming tokens.", "id": "CVE-2023-24605", "modified": "2026-03-13T21:56:31.344769891Z", "published": "2023-05-29T03:15:09.890Z", "references": [ { "type": "WEB", "url": "https://open-xchange.com" }, { "type": "ADVISORY", "url": "http://seclists.org/fulldisclosure/2023/May/3" } ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "type": "CVSS_V3" } ] }