CVSS: 3.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22403 – OAuth2 authorization codes are valid indefinetly in Nextcloud server
https://notcve.org/view.php?id=CVE-2024-22403
18 Jan 2024 — Nextcloud server is a self hosted personal cloud system. In affected versions OAuth codes did not expire. When an attacker would get access to an authorization code they could authenticate at any time using the code. As of version 28.0.0 OAuth codes are invalidated after 10 minutes and will no longer be authenticated. To exploit this vulnerability an attacker would need to intercept an OAuth code from a user session. • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wppc-f5g8-vx36 • CWE-613: Insufficient Session Expiration •
CVSS: 8.5EPSS: 0%CPEs: 11EXPL: 1CVE-2023-48239 – Nextcloud Server users can make external storage mount points inaccessible for other users
https://notcve.org/view.php?id=CVE-2023-48239
21 Nov 2023 — Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.13, 26.0.8, and 27.1.3 of Nextcloud Server and starting in version 20.0.0 and prior to versions 20.0.14.16, 21.0.9.13, 22.2.10.15, 23.0.12.12, 24.0.12.8, 25.0.13, 26.0.8, and 27.1.3 of Nextcloud Enterprise Server, a malicious user could update any personal or global external storage, making them inaccessible for everyone else as well. Nextcloud Server 25.0.13, 26.0.8, an... • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-f962-hw26-g267 • CWE-284: Improper Access Control •
CVSS: 8.1EPSS: 0%CPEs: 11EXPL: 0CVE-2023-39963 – Missing password confirmation when creating app passwords
https://notcve.org/view.php?id=CVE-2023-39963
10 Aug 2023 — Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 20.0.0 and prior to versions 20.0.14.15, 21.0.9.13, 22.2.10.14, 23.0.12.8, 24.0.12.5, 25.0.9, 26.0.4, and 27.0.1, a missing password confirmation allowed an attacker, after successfully stealing a session from a logged in user, to create app passwords for the victim. Nextcloud server versions 25.0.9, 26.0.4, and 27.0.1 and Nextcloud Enterprise Server versions 20.0.14.15, 21.0.9.13, 22.2.10.14, 23.0.12.9,... • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-j4qm-5q5x-54m5 • CWE-284: Improper Access Control •
CVSS: 7.7EPSS: 0%CPEs: 12EXPL: 0CVE-2023-39962 – Users can delete external storage mount points
https://notcve.org/view.php?id=CVE-2023-39962
10 Aug 2023 — Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 19.0.0 and prior to versions 19.0.13.10, 20.0.14.15, 21.0.9.13, 22.2.10.14, 23.0.12.8, 24.0.12.5, 25.0.9, 26.0.4, and 27.0.1, a malicious user could delete any personal or global external storage, making them inaccessible for everyone else as well. Nextcloud server versions 25.0.9, 26.0.4, and 27.0.1 and Nextcloud Enterprise Server versions 19.0.13.10, 20.0.14.15, 21.0.9.13, 22.2.10.14, 23.0.12.9, 24.0.1... • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-xwxx-2752-w3xm • CWE-284: Improper Access Control •
CVSS: 9.0EPSS: 0%CPEs: 10EXPL: 0CVE-2023-35928 – Nextcloud user scoped external storage can be used to gather credentials of other users
https://notcve.org/view.php?id=CVE-2023-35928
23 Jun 2023 — Nextcloud Server is a space for data storage on Nextcloud, a self-hosted productivity playform. In NextCloud Server versions 25.0.0 until 25.0.7 and 26.0.0 until 26.0.2 and Nextcloud Enterprise Server versions 19.0.0 until 19.0.13.9, 20.0.0 until 20.0.14.14, 21.0.0 until 21.0.9.12, 22.0.0 until 22.2.10.12, 23.0.0 until 23.0.12.7, 24.0.0 until 24.0.12.2, 25.0.0 until 25.0.7, and 26.0.0 until 26.0.2, a user could use this functionality to get access to the login credentials of another user and take over their... • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-637g-xp2c-qh5h • CWE-274: Improper Handling of Insufficient Privileges •
CVSS: 8.5EPSS: 0%CPEs: 10EXPL: 0CVE-2023-35927 – Nextcloud system addressbooks can be modified by malicious trusted server
https://notcve.org/view.php?id=CVE-2023-35927
23 Jun 2023 — NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. In NextCloud Server versions 25.0.0 until 25.0.7 and 26.0.0 until 26.0.2 and Nextcloud Enterprise Server versions 21.0.0 until 21.0.9.12, 22.0.0 until 22.2.10.12, 23.0.0 until 23.0.12.7, 24.0.0 until 24.0.12.2, 25.0.0 until 25.0.7, and 26.0.0 until 26.0.2, when two server are registered as trusted servers for each other and successfully exchanged the share secrets, the malicious server c... • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-h7f7-535f-7q87 • CWE-284: Improper Access Control •
CVSS: 9.4EPSS: 0%CPEs: 8EXPL: 0CVE-2023-35172 – Nextcloud Server password reset endpoint is not brute force protected
https://notcve.org/view.php?id=CVE-2023-35172
23 Jun 2023 — NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. In NextCloud Server versions 25.0.0 until 25.0.7 and 26.0.0 until 26.0.2 and Nextcloud Enterprise Server versions 21.0.0 until 21.0.9.12, 22.0.0 until 22.2.10.12, 23.0.0 until 23.0.12.7, 24.0.0 until 24.0.12.2, 25.0.0 until 25.0.7, and 26.0.0 until 26.0.2, an attacker can bruteforce the password reset links. Nextcloud Server n 25.0.7 and 26.0.2 and Nextcloud Enterprise Server 21.0.9.12, ... • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-mjf5-p765-qmr6 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 8.7EPSS: 0%CPEs: 8EXPL: 0CVE-2023-32320 – Nextcloud Server's brute force protection allows someone to send more requests than intended
https://notcve.org/view.php?id=CVE-2023-32320
22 Jun 2023 — Nextcloud Server is a data storage system for Nextcloud, a self-hosted productivity platform. When multiple requests are sent in parallel, all of them were executed even if the amount of faulty requests succeeded the limit by the time the response was sent to the client. This allowed someone to send as many requests the server could handle in parallel to bruteforce protected details instead of the configured limit, default 8. Nextcloud Server versions 25.0.7 and 26.0.2 and Nextcloud Enterprise Server versio... • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-qphh-6xh7-vffg • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 9.0EPSS: 0%CPEs: 13EXPL: 0CVE-2023-30539 – Users can set up workflows using restricted and invisible system tags in Nextcloud
https://notcve.org/view.php?id=CVE-2023-30539
17 Apr 2023 — Nextcloud is a personal home server system. Depending on the set up tags and other workflows this issue can be used to limit access of others or being able to grant them access when there are system tag based files access control or files retention rules. It is recommended that the Nextcloud Server is upgraded to 24.0.11 or 25.0.5, the Nextcloud Enterprise Server to 21.0.9.11, 22.2.10.11, 23.0.12.6, 24.0.11 or 25.0.5, and the Nextcloud Files automated tagging app to 1.11.1, 1.12.1, 1.13.1, 1.14.2, 1.15.3 or... • https://github.com/nextcloud/files_automatedtagging/pull/705 • CWE-284: Improper Access Control •
CVSS: 9.0EPSS: 0%CPEs: 8EXPL: 0CVE-2023-26482 – Scope of workflow operations is not validated in nextcloud server
https://notcve.org/view.php?id=CVE-2023-26482
30 Mar 2023 — Nextcloud server is an open source home cloud implementation. In affected versions a missing scope validation allowed users to create workflows which are designed to be only available for administrators. Some workflows are designed to be RCE by invoking defined scripts, in order to generate PDFs, invoking webhooks or running scripts on the server. Due to this combination depending on the available apps the issue can result in a RCE at the end. It is recommended that the Nextcloud Server is upgraded to 24.0.... • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-h3c9-cmh8-7qpj • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •