CVE-2023-26433

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Jun 20, 2023

Updated: Jan 12, 2024

CWE ID 400

Summary

CVE-2023-26433 is a vulnerability that affects the handling of IMAP "capabilities" responses during the process of adding an external mail account. An attacker with control over a rogue IMAP server can exploit this weakness by sending maliciously sized responses, leading to excessive resource usage and potential service unavailability. The vulnerability has been mitigated by limiting accepted IMAP server responses to reasonable sizes, and no publicly known exploits are currently available.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Open-xchange Appsuite Backend

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/rth2qB
https://www.cve.org/CVERecord?id=CVE-2023-26433
https://nvd.nist.gov/vuln/detail/CVE-2023-26433

Back to Vulnerability Database

CVE-2023-26433

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations