CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2CVE-2013-1650 – Open-Xchange Server 6 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2013-1650
14 Mar 2013 — Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 uses weak permissions (group "other" readable) under opt/open-xchange/etc/, which allows local users to obtain sensitive information via standard filesystem operations. Open-Xchange Server anterior a 6.20.7 rev14, 6.22.0 anterior a rev13, y 6.22.1 anterior a rev14, usa permisos débiles (group "other" readable) bajo opt/open-xchange/etc/, lo que permite a usuarios locales obtener información sensible a través de operaciones... • https://www.exploit-db.com/exploits/24791 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 2CVE-2013-1651 – Open-Xchange Server 6 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2013-1651
14 Mar 2013 — OXUpdater in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof update servers and install arbitrary software via a crafted certificate. Open-Xchange Server anterior a 6.20.7 rev14, 6.22.0 anterior a rev13, y 6.22.1 anterior a rev14, no verifica los certificados X.509 desde los servidores SSL, lo que permite a atacantes "Man in the middle" suplantar los servidores e insta... • https://www.exploit-db.com/exploits/24791 • CWE-310: Cryptographic Issues •