CVE-2022-43699
- Source
- https://cve.org/CVERecord?id=CVE-2022-43699
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-43699.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-43699
- Published
- 2023-04-15T02:15:07.217Z
- Modified
- 2026-03-14T11:58:14.071329Z
- Severity
-
- 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
OX App Suite before 7.10.6-rev30 allows SSRF because e-mail account discovery disregards the deny-list and thus can be attacked by an adversary who controls the DNS records of an external domain (found in the host part of an e-mail address).
- References
Affected packages
Git / github.com/open-xchange/appsuite-frontend
Affected ranges
- Type
- GIT
- Repo
- https://github.com/open-xchange/appsuite-frontend
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "versions": [ { "introduced": "0" }, { "fixed": "7.10.6" }, { "introduced": "0" }, { "last_affected": "7.10.6-NA" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev10" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev11" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev12" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev13" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev14" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev15" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev16" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev17" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev18" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev19" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev20" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev21" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev22" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev23" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev24" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev25" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev26" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev27" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev28" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev29" } ] }
Affected versions
7.*
7.0.0-10
7.0.0-11
7.0.0-12
7.0.0-8
7.0.0-9
7.0.1-1
7.0.1-2
7.0.1-3
7.0.1-4
7.0.1-5
7.0.1-6
7.10.0-0
7.10.0-10
7.10.0-2
7.10.0-3
7.10.0-4
7.10.0-5
7.10.0-6
7.10.0-7
7.10.0-8
7.10.0-9
7.10.1-1
7.10.1-2
7.10.1-3
7.10.1-4
7.10.2-1
7.10.2-2
7.10.2-3
7.10.3-0
7.10.3-1
7.10.3-2
7.10.3-3
7.10.4-0
7.10.4-1
7.10.4-2
7.10.4-3
7.10.4-4
7.10.4-5
7.10.4-6
7.10.5-0
7.10.5-1
7.10.5-2
7.10.5-3
7.10.5-4
7.10.5-5
7.2.0-1
7.2.0-2
7.2.0-3
7.2.0-4
7.2.0-5
7.2.0-6
7.2.1-1
7.2.1-2
7.2.1-3
7.2.1-4
7.2.1-5
7.2.1-6
7.2.2-1
7.2.2-11
7.2.2-12
7.2.2-13
7.2.2-14
7.2.2-15
7.2.2-16
7.2.2-17
7.2.2-18
7.2.2-19
7.2.2-2
7.2.2-20
7.2.2-3
7.2.2-4
7.2.2-5
7.2.2-6
7.2.2-7
7.2.2-8
7.2.2-9
7.4.0-1
7.4.0-10
7.4.0-11
7.4.0-12
7.4.0-13
7.4.0-14
7.4.0-15
7.4.0-16
7.4.0-17
7.4.0-18
7.4.0-19
7.4.0-2
7.4.0-3
7.4.0-4
7.4.0-5
7.4.0-6
7.4.0-7
7.4.0-8
7.4.0-9
7.4.1-1
7.4.1-10
7.4.1-11
7.4.1-2
7.4.1-3
7.4.1-4
7.4.1-5
7.4.1-6
7.4.1-7
7.4.1-8
7.4.1-9
7.4.2-1
7.4.2-10
7.4.2-11
7.4.2-12
7.4.2-13
7.4.2-14
7.4.2-15
7.4.2-16
7.4.2-17
7.4.2-18
7.4.2-19
7.4.2-2
7.4.2-20
7.4.2-21
7.4.2-22
7.4.2-23
7.4.2-24
7.4.2-25
7.4.2-26
7.4.2-27
7.4.2-28
7.4.2-29
7.4.2-3
7.4.2-4
7.4.2-5
7.4.2-6
7.4.2-7
7.4.2-8
7.4.2-9
7.6.0-1
7.6.0-10
7.6.0-11
7.6.0-12
7.6.0-13
7.6.0-14
7.6.0-15
7.6.0-16
7.6.0-17
7.6.0-2
7.6.0-3
7.6.0-4
7.6.0-5
7.6.0-6
7.6.0-7
7.6.0-8
7.6.0-9
7.6.1-1
7.6.1-10
7.6.1-11
7.6.1-12
7.6.1-13
7.6.1-14
7.6.1-15
7.6.1-16
7.6.1-17
7.6.1-18
7.6.1-19
7.6.1-2
7.6.1-20
7.6.1-21
7.6.1-22
7.6.1-23
7.6.1-24
7.6.1-25
7.6.1-26
7.6.1-3
7.6.1-4
7.6.1-5
7.6.1-6
7.6.1-7
7.6.1-8
7.6.1-9
7.6.2-1
7.6.2-10
7.6.2-11
7.6.2-12
7.6.2-13
7.6.2-14
7.6.2-15
7.6.2-16
7.6.2-17
7.6.2-18
7.6.2-19
7.6.2-2
7.6.2-20
7.6.2-21
7.6.2-22
7.6.2-23
7.6.2-24
7.6.2-25
7.6.2-26
7.6.2-27
7.6.2-28
7.6.2-29
7.6.2-3
7.6.2-4
7.6.2-5
7.6.2-6
7.6.2-7
7.6.2-8
7.6.2-9
7.8.0-1
7.8.0-2
7.8.0-3
7.8.0-4
7.8.0-5
7.8.0-6
7.8.0-7
7.8.0-8
7.8.0-9
7.8.1-1
7.8.1-2
7.8.1-3
7.8.1-4
7.8.1-5
7.8.1-6
7.8.1-7
7.8.2-1
7.8.2-2
7.8.2-3
7.8.2-4
7.8.3-1
7.8.3-2
7.8.3-3
7.8.3-4
7.8.3-5
7.8.4-1
7.8.4-2
7.8.4-3
Other
Test
as-next
sprint_20
sprintreview_2013_07_12
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.10.6-rev01"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.10.6-rev02"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.10.6-rev03"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.10.6-rev04"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.10.6-rev05"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.10.6-rev06"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.10.6-rev07"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.10.6-rev08"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.10.6-rev09"
}
]
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-43699.json"