CVE-2023-41707 MEDIUM

CVE-2023-41707

Vendor Open-Xchange Gmbh

Product OX App Suite

Weakness CWE-400

Published February 12, 2024

Last update November 4, 2025

View on NVD All CVEs

CVSS base score

6.5/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality None

Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

Processing of user-defined mail search expressions is not limited. Availability of OX App Suite could be reduced due to high processing load. Please deploy the provided updates and patch releases. Processing time of mail search expressions now gets monitored, and the related request is terminated if a resource threshold is reached. No publicly available exploits are known.

Key dates

02Disclosure timeline

February 12, 2024 CVE published

November 4, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-41707 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/400.html

Related vulnerabilities

Identifiers

CVE CVE-2023-41707

CWE CWE-400

CVSS 6.5 / MEDIUM

Affected versions

Vendor Open-Xchange Gmbh

Product OX App Suite

Affected ≤ 7.10.6-rev55

Vendor Open-Xchange Gmbh

Product OX App Suite

Affected ≤ 7.6.3-rev71

Vendor Open-Xchange Gmbh

Product OX App Suite

Affected ≤ 8.19

CVE-2023-41707

01Description

02Disclosure timeline

03References

04Related CVE