Onlyoffice 漏洞

时间轴

类型

Not Defined	25

产品

ONLYOFFICE Document Server	10
ONLYOFFICE Server	6
ONLYOFFICE DocumentServer	5
ONLYOFFICE Community Server	1
ONLYOFFICE Docs	1

修正

Official Fix	9
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	16

易受攻击性

High	0
Functional	0
Proof-of-Concept	7
Unproven	0
Not Defined	18

访问向量

Not Defined	0
Physical	0
Local	1
Adjacent	8
Network	16

身份验证

Not Defined	0
High	0
Low	20
None	5

用户交互

Not Defined	0
Required	4
None	21

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	2
≤5	2
≤6	5
≤7	8
≤8	5
≤9	3
≤10	0

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	2
≤5	2
≤6	6
≤7	7
≤8	5
≤9	3
≤10	0

VulDB

≤1	0
≤2	0
≤3	0
≤4	5
≤5	2
≤6	5
≤7	10
≤8	3
≤9	0
≤10	0

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	2
≤7	0
≤8	9
≤9	1
≤10	8

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

供应商

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

零日攻击

<1k	4
<2k	11
<5k	10
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

本日攻击

<1k	24
<2k	1
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

攻击市场容量

🔴 CTI 活动

Affected Products (7): Community Server (1), Docs (1), Document Server (10), DocumentServer (5), Document Server Example (1), Server (6), Workspace DMS (1)

已发布	Base	Temp	漏洞	Prod	易	修正	EPSS	CTI	CVE
2023-08-14	5.9	5.8	ONLYOFFICE Document Server JavaScript File 拒绝服务	未知	Not Defined	Official Fix	0.00270	0.00	CVE-2023-30188
2023-08-14	8.0	7.9	ONLYOFFICE Document Server JavaScript File 信息公开	未知	Not Defined	Official Fix	0.00362	0.04	CVE-2023-30187
2023-08-14	6.3	6.0	ONLYOFFICE Document Server JavaScript File 内存损坏	未知	Not Defined	Official Fix	0.00307	0.02	CVE-2023-30186
2023-06-22	8.0	7.9	ONLYOFFICE Community Server UploadProgress.ashx 权限升级	未知	Not Defined	Official Fix	0.00633	0.04	CVE-2023-34939
2023-03-19	6.5	6.5	ONLYOFFICE Docs libgcc_s.so.1 权限升级	未知	Not Defined	Not Defined	0.00065	0.07	CVE-2022-48422
2023-02-08	4.4	4.4	ONLYOFFICE Workspace DMS Document 跨网站脚本	未知	Not Defined	Official Fix	0.00056	0.06	CVE-2022-47412
2023-01-23	6.8	6.5	ONLYOFFICE Server Document Editor Service 权限升级	未知	Proof-of-Concept	Not Defined	0.00100	0.04	CVE-2021-43449
2023-01-23	3.5	3.2	ONLYOFFICE Server Macros 跨网站脚本	未知	Proof-of-Concept	Not Defined	0.00072	0.02	CVE-2021-43446
2023-01-23	6.0	5.8	ONLYOFFICE Server Signed Document 权限升级	未知	Proof-of-Concept	Not Defined	0.00105	0.04	CVE-2021-43444
2023-01-23	4.5	4.3	ONLYOFFICE Server User Name 权限升级	未知	Proof-of-Concept	Not Defined	0.00071	0.03	CVE-2021-43448

15 更多条目未显示

🔒 Login Required

You need to signup and login to see more of the remaining 15 results.

◂ 上一步一览下一步 ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!