CVE-2013-1649

Name of the Vulnerable Software and Affected Versions Open-Xchange Server versions prior to 6.20.7 rev14 Open-Xchange Server versions 6.22.0 prior to rev13 Open-Xchange Server versions 6.22.1 prior to rev14

Description The issue makes it easier for attackers to obtain cleartext passwords via a brute-force attack due to the use of crypt and SHA-1 algorithms for password hashing.

Recommendations For Open-Xchange Server versions prior to 6.20.7 rev14, update to version 6.20.7 rev14 or later. For Open-Xchange Server versions 6.22.0 prior to rev13, update to version 6.22.0 rev13 or later. For Open-Xchange Server versions 6.22.1 prior to rev14, update to version 6.22.1 rev14 or later.