CVE-2023-26433

Name of the Vulnerable Software and Affected Versions OX App Suite (affected versions not specified)

Description The issue is related to an uncontrolled resource consumption in the IMAP service of the OX App Suite package. This can be exploited by a remote attacker to cause a denial of service. When adding an external mail account, the processing of IMAP "capabilities" responses is not limited to plausible sizes, allowing an attacker with access to a rogue IMAP service to trigger requests that lead to excessive resource usage and eventually service unavailability. The fix involves limiting accepted IMAP server responses to reasonable length/size.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.