CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-22402 – Improper handling of request URLs in Nextcloud Guests app allows guest users to bypass app allowlist
https://notcve.org/view.php?id=CVE-2024-22402
Nextcloud guests app is a utility to create guest users which can only see files shared with them. In affected versions users were able to load the first page of apps they were actually not allowed to access. Depending on the selection of apps installed this may present a permissions bypass. It is recommended that the Guests app is upgraded to 2.4.1, 2.5.1 or 3.0.1. There are no known workarounds for this vulnerability. • https://github.com/nextcloud/guests/pull/1082 https://github.com/nextcloud/security-advisories/security/advisories/GHSA-v3qw-7vgv-2fxj https://hackerone.com/reports/2251074 • CWE-281: Improper Preservation of Permissions •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2024-22401 – All users can reset the allowed apps list for Nextcloud Guest App users
https://notcve.org/view.php?id=CVE-2024-22401
Nextcloud guests app is a utility to create guest users which can only see files shared with them. In affected versions users could change the allowed list of apps, allowing them to use apps that were not intended to be used. It is recommended that the Guests app is upgraded to 2.4.1, 2.5.1 or 3.0.1. There are no known workarounds for this vulnerability. La aplicación para invitados Nextcloud es una utilidad para crear usuarios invitados que solo pueden ver los archivos compartidos con ellos. • https://github.com/nextcloud/guests/pull/1082 https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wr87-hx3w-29hh https://hackerone.com/reports/2250398 • CWE-281: Improper Preservation of Permissions •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-22404 – Permissions bypass in Nextcloud with the files zip app
https://notcve.org/view.php?id=CVE-2024-22404
Nextcloud files Zip app is a tool to create zip archives from one or multiple files from within Nextcloud. In affected versions users can download "view-only" files by zipping the complete folder. It is recommended that the Files ZIP app is upgraded to 1.2.1, 1.4.1, or 1.5.0. Users unable to upgrade should disable the file zip app. La aplicación Nextcloud files Zip es una herramienta para crear archivos zip a partir de uno o varios archivos desde Nextcloud. • https://github.com/nextcloud/files_zip/commit/43204539d517a13e945b90652718e2a213f46820 https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vhj3-mch4-67fq https://hackerone.com/reports/2247457 • CWE-281: Improper Preservation of Permissions •
CVSS: 3.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22403 – OAuth2 authorization codes are valid indefinetly in Nextcloud server
https://notcve.org/view.php?id=CVE-2024-22403
Nextcloud server is a self hosted personal cloud system. In affected versions OAuth codes did not expire. When an attacker would get access to an authorization code they could authenticate at any time using the code. As of version 28.0.0 OAuth codes are invalidated after 10 minutes and will no longer be authenticated. To exploit this vulnerability an attacker would need to intercept an OAuth code from a user session. • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wppc-f5g8-vx36 https://github.com/nextcloud/server/pull/40766 https://hackerone.com/reports/1784162 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S6PN4GVJ5TZUC6WSG4X3ZA3AMPBEKNAX • CWE-613: Insufficient Session Expiration •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-22400 – Open redirect in user_saml via RelayState parameter in Nextcloud User Saml
https://notcve.org/view.php?id=CVE-2024-22400
Nextcloud User Saml is an app for authenticating Nextcloud users using SAML. In affected versions users can be given a link to the Nextcloud server and end up on a uncontrolled thirdparty server. It is recommended that the User Saml app is upgraded to version 5.1.5, 5.2.5, or 6.0.1. There are no known workarounds for this issue. Nextcloud User Saml es una aplicación para autenticar a los usuarios de Nextcloud mediante SAML. • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-622q-xhfr-xmv7 https://github.com/nextcloud/user_saml/commit/b184304a476deeba36e92b70562d5de7c2f85f8a https://github.com/nextcloud/user_saml/pull/788 https://hackerone.com/reports/2263044 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •