CVSS: 8.1EPSS: 0%CPEs: 9EXPL: 0CVE-2024-37882 – Nextcloud Server can reshare read&share only folder with more permissions
https://notcve.org/view.php?id=CVE-2024-37882
Nextcloud Server is a self hosted personal cloud system. A recipient of a share with read&share permissions could reshare the item with more permissions. It is recommended that the Nextcloud Server is upgraded to 26.0.13 or 27.1.8 or 28.0.4 and that the Nextcloud Enterprise Server is upgraded to 26.0.13 or 27.1.8 or 28.0.4. Nextcloud Server es un sistema de nube personal autohospedado. Un destinatario de un recurso compartido con permisos de lectura y uso compartido podría volver a compartir el elemento con más permisos. • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-jjm3-j9xh-5xmq https://github.com/nextcloud/server/pull/44339 https://hackerone.com/reports/2289425 • CWE-281: Improper Preservation of Permissions CWE-284: Improper Access Control •
CVSS: 3.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22403 – OAuth2 authorization codes are valid indefinetly in Nextcloud server
https://notcve.org/view.php?id=CVE-2024-22403
Nextcloud server is a self hosted personal cloud system. In affected versions OAuth codes did not expire. When an attacker would get access to an authorization code they could authenticate at any time using the code. As of version 28.0.0 OAuth codes are invalidated after 10 minutes and will no longer be authenticated. To exploit this vulnerability an attacker would need to intercept an OAuth code from a user session. • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wppc-f5g8-vx36 https://github.com/nextcloud/server/pull/40766 https://hackerone.com/reports/1784162 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S6PN4GVJ5TZUC6WSG4X3ZA3AMPBEKNAX • CWE-613: Insufficient Session Expiration •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-49792 – Bruteforce protection can be bypassed with misconfigured proxy
https://notcve.org/view.php?id=CVE-2023-49792
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. In Nextcloud Server prior to versions 26.0.9 and 27.1.4; as well as Nextcloud Enterprise Server prior to versions 23.0.12.13, 24.0.12.9, 25.0.13.4, 26.0.9, and 27.1.4; when a (reverse) proxy is configured as trusted proxy the server could be tricked into reading a wrong remote address for an attacker, allowing them executing authentication attempts than intended. Nextcloud Server versions 26.0.9 and 27.1.4 and Nextcloud Enterprise Server versions 23.0.12.13, 24.0.12.9, 25.0.13.4, 26.0.9, and 27.1.4 contain a patch for this issue. No known workarounds are available. Nextcloud Server proporciona almacenamiento de datos para Nextcloud, una plataforma en la nube de código abierto. • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-5j2p-q736-hw98 https://github.com/nextcloud/server/pull/41526 https://hackerone.com/reports/2230915 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0CVE-2023-49791 – Workflows do not require password confirmation on API level
https://notcve.org/view.php?id=CVE-2023-49791
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. In Nextcloud Server prior to versions 26.0.9 and 27.1.4; as well as Nextcloud Enterprise Server prior to versions 23.0.12.13, 24.0.12.9, 25.0.13.4, 26.0.9, and 27.1.4; when an attacker manages to get access to an active session of another user via another way, they could delete and modify workflows by sending calls directly to the API bypassing the password confirmation shown in the UI. Nextcloud Server versions 26.0.9 and 27.1.4 and Nextcloud Enterprise Server versions 23.0.12.13, 24.0.12.9, 25.0.13.4, 26.0.9, and 27.1.4 contain a patch for this issue. No known workarounds are available. Nextcloud Server proporciona almacenamiento de datos para Nextcloud, una plataforma en la nube de código abierto. • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-3f8p-6qww-2prr https://github.com/nextcloud/server/pull/41520 https://hackerone.com/reports/2120667 • CWE-284: Improper Access Control CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 1CVE-2023-48306 – Nextcloud Server DNS pin middleware can be tricked into DNS rebinding allowing SSRF
https://notcve.org/view.php?id=CVE-2023-48306
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Server and starting in version 22.0.0 and prior to versions 22.2.10.16, 23.0.12.11, 24.0.12.7, 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Enterprise Server, the DNS pin middleware was vulnerable to DNS rebinding allowing an attacker to perform SSRF as a final result. Nextcloud Server 25.0.11, 26.0.6, and 27.1.0 and Nextcloud Enterprise Server 22.2.10.16, 23.0.12.11, 24.0.12.7, 25.0.11, 26.0.6, and 27.1.0 contain patches for this issue. No known workarounds are available. Nextcloud Server proporciona almacenamiento de datos para Nextcloud, una plataforma en la nube de código abierto. • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8f69-f9jg-4x3v https://github.com/nextcloud/server/pull/40234 https://hackerone.com/reports/2115212 • CWE-918: Server-Side Request Forgery (SSRF) •