Onlyoffice Vulnerabilidad

Cronología

Escribe

Not Defined	25

Producto

ONLYOFFICE Document Server	10
ONLYOFFICE Server	6
ONLYOFFICE DocumentServer	5
ONLYOFFICE Community Server	1
ONLYOFFICE Docs	1

Contramedidas

Official Fix	9
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	16

Explotabilidad

High	0
Functional	0
Proof-of-Concept	7
Unproven	0
Not Defined	18

Vector de acceso

Not Defined	0
Physical	0
Local	1
Adjacent	8
Network	16

Autenticación

Not Defined	0
High	0
Low	20
None	5

La interacción del usuario

Not Defined	0
Required	4
None	21

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	2
≤5	2
≤6	5
≤7	8
≤8	5
≤9	3
≤10	0

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	2
≤5	2
≤6	6
≤7	7
≤8	5
≤9	3
≤10	0

VulDB

≤1	0
≤2	0
≤3	0
≤4	5
≤5	2
≤6	5
≤7	10
≤8	3
≤9	0
≤10	0

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	2
≤7	0
≤8	9
≤9	1
≤10	8

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Proveedor

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Explotar día 0

<1k	4
<2k	11
<5k	10
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Explotar hoy

<1k	25
<2k	0
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Explotar el volumen del mercado

🔴 CTI Ocupaciones

Affected Products (7): Community Server (1), Docs (1), Document Server (10), DocumentServer (5), Document Server Example (1), Server (6), Workspace DMS (1)

Fecha de publicación	Base	Temp	Vulnerabilidad	Prod	Exp	Con	EPSS	CTI	CVE
2023-08-14	5.9	5.8	ONLYOFFICE Document Server JavaScript File denegación de servicio	Desconocido	Not Defined	Official Fix	0.00270	0.00	CVE-2023-30188
2023-08-14	8.0	7.9	ONLYOFFICE Document Server JavaScript File divulgación de información	Desconocido	Not Defined	Official Fix	0.00362	0.04	CVE-2023-30187
2023-08-14	6.3	6.0	ONLYOFFICE Document Server JavaScript File desbordamiento de búfer	Desconocido	Not Defined	Official Fix	0.00307	0.02	CVE-2023-30186
2023-06-22	8.0	7.9	ONLYOFFICE Community Server UploadProgress.ashx escalada de privilegios	Desconocido	Not Defined	Official Fix	0.00633	0.04	CVE-2023-34939
2023-03-19	6.5	6.5	ONLYOFFICE Docs libgcc_s.so.1 escalada de privilegios	Desconocido	Not Defined	Not Defined	0.00065	0.04	CVE-2022-48422
2023-02-08	4.4	4.4	ONLYOFFICE Workspace DMS Document cross site scripting	Desconocido	Not Defined	Official Fix	0.00056	0.06	CVE-2022-47412
2023-01-23	6.8	6.5	ONLYOFFICE Server Document Editor Service escalada de privilegios	Desconocido	Proof-of-Concept	Not Defined	0.00100	0.04	CVE-2021-43449
2023-01-23	3.5	3.2	ONLYOFFICE Server Macros cross site scripting	Desconocido	Proof-of-Concept	Not Defined	0.00072	0.00	CVE-2021-43446
2023-01-23	6.0	5.8	ONLYOFFICE Server Signed Document escalada de privilegios	Desconocido	Proof-of-Concept	Not Defined	0.00105	0.04	CVE-2021-43444
2023-01-23	4.5	4.3	ONLYOFFICE Server User Name escalada de privilegios	Desconocido	Proof-of-Concept	Not Defined	0.00071	0.03	CVE-2021-43448

15 no se muestran más entradas

🔒 Login Required

You need to signup and login to see more of the remaining 15 results.

◂ AnteriorVisión De ConjuntoPróximo ▸

Do you need the next level of professionalism?

Upgrade your account now!