CVE-2023-26427

CVSS 3.1 Score 3.3 of 10 (low)

Details

Published Jun 20, 2023

Updated: Jan 12, 2024

CWE ID 732

CWE ID 922

Summary

CVE-2023-26427: This vulnerability involves a properties file with overly permissive default permissions. Local system users were able to access potentially sensitive information due to this issue. We have rectified this by updating the default permissions for the noreply.properties file during installation. No publicly available exploits have been reported at this time.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Open-xchange Appsuite Backend

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/rthQbl
https://www.cve.org/CVERecord?id=CVE-2023-26427
https://nvd.nist.gov/vuln/detail/CVE-2023-26427

Back to Vulnerability Database

CVE-2023-26427

CVSS 3.1 Score 3.3 of 10 (low)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations