CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-28835 – Insecure randomness for default password in nextcloud
https://notcve.org/view.php?id=CVE-2023-28835
30 Mar 2023 — Nextcloud server is an open source home cloud implementation. In affected versions the generated fallback password when creating a share was using a weak complexity random number generator, so when the sharer did not change it the password could be guessable to an attacker willing to brute force it. It is recommended that the Nextcloud Server is upgraded to 24.0.10 or 25.0.4. This issue only affects users who do not have a password policy enabled, so enabling a password policy is an effective mitigation for... • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-7w2p-rp9m-9xp9 • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2023-28833 – Unrestricted filenames for logo or favicon as admin in the theming settings in nextcloud server
https://notcve.org/view.php?id=CVE-2023-28833
30 Mar 2023 — Nextcloud server is an open source home cloud implementation. In affected versions admins of a server were able to upload a logo or a favicon and to provided a file name which was not restricted and could overwrite files in the appdata directory. Administrators may have access to overwrite these files by other means but this method could be exploited by tricking an admin into uploading a maliciously named file. It is recommended that the Nextcloud Server is upgraded to 24.0.10 or 25.0.4. Users unable to upg... • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-ch7f-px7m-hg25 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.0EPSS: 0%CPEs: 8EXPL: 0CVE-2023-26482 – Scope of workflow operations is not validated in nextcloud server
https://notcve.org/view.php?id=CVE-2023-26482
30 Mar 2023 — Nextcloud server is an open source home cloud implementation. In affected versions a missing scope validation allowed users to create workflows which are designed to be only available for administrators. Some workflows are designed to be RCE by invoking defined scripts, in order to generate PDFs, invoking webhooks or running scripts on the server. Due to this combination depending on the available apps the issue can result in a RCE at the end. It is recommended that the Nextcloud Server is upgraded to 24.0.... • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-h3c9-cmh8-7qpj • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-25818 – Missing brute force protection on password reset token in Nextcloud Server
https://notcve.org/view.php?id=CVE-2023-25818
27 Mar 2023 — Nextcloud server is an open source, personal cloud implementation. In affected versions a malicious user could try to reset the password of another user and then brute force the 62^21 combinations for the password reset token. As of commit `704eb3aa` password reset attempts are now throttled. Note that 62^21 combinations would significant compute resources to brute force. None the less it is recommended that the Nextcloud Server is upgraded to 24.0.10 or 25.0.4. • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-v243-x6jc-42mp • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-25820 – Nextcloud Server and Enterprise Server missing brute force protection on password confirmation modal
https://notcve.org/view.php?id=CVE-2023-25820
22 Mar 2023 — Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform, and Nextcloud Enterprise Server is the enterprise version of the file server software. In Nextcloud Server versions 25.0.x prior to 25.0.5 and versions 24.0.x prior to 24.0.10 as well as Nextcloud Enterprise Server versions 25.0.x prior to 25.0.4, 24.0.x prior to 24.0.10, 23.0.x prior to 23.0.12.5, 22.x prior to 22.2.0.10, and 21.x prior to 21.0.9.10, when an attacker gets access to an already logged in user ses... • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-36g6-wjx2-333x • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-25579 – Directory traversal in Nextcloud server
https://notcve.org/view.php?id=CVE-2023-25579
22 Feb 2023 — Nextcloud server is a self hosted home cloud product. In affected versions the `OC\Files\Node\Folder::getFullPath()` function was validating and normalizing the string in the wrong order. The function is used in the `newFile()` and `newFolder()` items, which may allow to creation of paths outside of ones own space and overwriting data from other users with crafted paths. This issue has been addressed in versions 25.0.2, 24.0.8, and 23.0.12. Users are advised to upgrade. • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-273v-9h7x-p68v • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 1CVE-2023-25162 – Nextcloud Server vulnerable to SSRF via filter bypass due to lax checking on IPs
https://notcve.org/view.php?id=CVE-2023-25162
13 Feb 2023 — Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server prior to 24.0.8 and 23.0.12 and Nextcloud Enterprise server prior to 24.0.8 and 23.0.12 are vulnerable to server-side request forgery (SSRF). Attackers can leverage enclosed alphanumeric payloads to bypass IP filters and gain SSRF, which would allow an attacker to read crucial metadata if the server is hosted on the AWS platform. Nextcloud Server 24.0.8 and 23.0.2 and Nextcloud Enterprise Server... • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-mqrx-grp7-244m • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-25161 – Nextcloud Server's missing rate limiting on password reset functionality allows sending lots of emails
https://notcve.org/view.php?id=CVE-2023-25161
13 Feb 2023 — Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server and Nextcloud Enterprise Server prior to versions 25.0.1 24.0.8, and 23.0.12 missing rate limiting on password reset functionality. This could result in service slowdown, storage overflow, or cost impact when using external email services. Users should upgrade to Nextcloud Server 25.0.1, 24.0.8, or 23.0.12 or Nextcloud Enterprise Server 25.0.1, 24.0.8, or 23.0.12 to receive a patch. No known wor... • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-492h-596q-xr2f • CWE-284: Improper Access Control •
CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0CVE-2022-41969 – Nextcloud Server has no password length limit when creating a user as an administrator
https://notcve.org/view.php?id=CVE-2022-41969
01 Dec 2022 — Nextcloud Server is an open source personal cloud server. Prior to versions 23.0.11, 24.0.7, and 25.0.0, there is no password length limit when creating a user as an administrator. An administrator can cause a limited DoS attack against their own server. Versions 23.0.11, 24.0.7, and 25.0.0 contain a fix for the issue. As a workaround, don't create user accounts with long passwords. • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4gm7-j7wg-m4fx • CWE-400: Uncontrolled Resource Consumption CWE-521: Weak Password Requirements •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2022-41968 – Nextcloud Server's calendar name length not validated before writing to database
https://notcve.org/view.php?id=CVE-2022-41968
01 Dec 2022 — Nextcloud Server is an open source personal cloud server. Prior to versions 23.0.10 and 24.0.5, calendar name lengths are not validated before writing to a database. As a result, an attacker can send unnecessary amounts of data against the database. Version 23.0.10 and 24.0.5 contain patches for the issue. No known workarounds are available. • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-m92j-xxc8-hq3v • CWE-400: Uncontrolled Resource Consumption CWE-1284: Improper Validation of Specified Quantity in Input •