Login Sign Up

CVE-2017-17060

9.8 CRITICAL

📋 TL;DR

CVE-2017-17060 is an insecure permissions vulnerability in OX App Suite that allows attackers to bypass intended access controls. This affects OX App Suite 7.8.4 and earlier versions, potentially exposing sensitive data and functionality to unauthorized users.

💻 Affected Systems

Products:
  • OX App Suite
Versions: 7.8.4 and earlier
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: All deployments running vulnerable versions are affected regardless of configuration.

📦 What is this software?

Open Xchange Appsuite by Open Xchange

View all CVEs affecting Open Xchange Appsuite →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise allowing attackers to access, modify, or delete sensitive user data, administrative functions, and potentially pivot to other systems.

🟠

Likely Case

Unauthorized access to user data, email accounts, calendar information, and other sensitive business information stored in the OX App Suite.

🟢

If Mitigated

Limited impact with proper network segmentation, strong authentication controls, and minimal user privileges.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Insecure permissions vulnerabilities typically require some level of access but can be exploited with minimal technical skill once access is obtained.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 7.8.5 and later

Vendor Advisory: https://documentation.open-xchange.com/components/releasenotes/7.8.3/

Restart Required: Yes

Instructions:

1. Backup all data and configurations. 2. Download and install OX App Suite 7.8.5 or later from official OX Software sources. 3. Apply the update following vendor documentation. 4. Restart all OX App Suite services. 5. Verify the update was successful.

🔧 Temporary Workarounds

Temporary Access Restrictions

linux

Implement strict network access controls to limit who can access the OX App Suite interface.

iptables -A INPUT -p tcp --dport 443 -s trusted_network -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j DROP

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate OX App Suite from untrusted networks
  • Enforce principle of least privilege for all user accounts and service accounts

🔍 How to Verify

Check if Vulnerable:

Check OX App Suite version via admin interface or configuration files. Versions 7.8.4 and earlier are vulnerable.

Check Version:

grep -i version /opt/open-xchange/etc/version.properties

Verify Fix Applied:

Verify version is 7.8.5 or later and test permission controls for critical functions.

📡 Detection & Monitoring

Log Indicators:

  • Unusual access patterns to administrative functions
  • Failed permission checks followed by successful access
  • Access from unexpected user accounts to sensitive data

Network Indicators:

  • Unusual traffic patterns to OX App Suite administrative endpoints
  • Multiple failed authentication attempts followed by successful access

SIEM Query:

source="ox-app-suite" AND (event_type="permission_violation" OR user="*admin*" AND resource_access="sensitive")

📊 Metadata

CVE ID: CVE-2017-17060
CVSS v3 Score: 9.8 (CRITICAL)
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-275
Published: May 23, 2019
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2017-17060, you might also want to check these:

CVE-2017-16887 9.8

This vulnerability in FiberHome Mobile WIFI Device Model LM53Q1 allows unauthorized access to SOAP w...

Same vulnerability type (CWE-275)
CVE-2018-15379 9.8

CVE-2018-15379 allows unauthenticated remote attackers to upload arbitrary files via TFTP through Ci...

Same vulnerability type (CWE-275)
CVE-2022-0742 9.1

A memory leak vulnerability in the Linux kernel's ICMPv6 implementation allows remote attackers to c...

Same vulnerability type (CWE-275)