CVE-2013-5934

Name of the Vulnerable Software and Affected Versions Open-Xchange AppSuite versions 7.0.x through 7.0.2-rev14 Open-Xchange AppSuite versions 7.2.x through 7.2.2-rev15

Description The issue is related to a hardcoded password for node join operations in the source code. This allows remote attackers to expand a cluster by finding the password and then sending it in a Hazelcast cluster API call.

Recommendations For Open-Xchange AppSuite versions 7.0.x through 7.0.2-rev14, update to version 7.0.2-rev15 or later. For Open-Xchange AppSuite versions 7.2.x through 7.2.2-rev15, update to version 7.2.2-rev16 or later.