CVE-2022-35932

Missing rate limit when trying to join a password protected Nextcloud Talk conversation

Severity Score

5.3

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Nextcloud Talk is a video and audio conferencing app for Nextcloud. Prior to versions 12.2.7, 13.0.7, and 14.0.3, password protected conversations are susceptible to brute force attacks if the attacker has the link/conversation token. It is recommended that the Nextcloud Talk application is upgraded to 12.2.7, 13.0.7 or 14.0.3. There are currently no known workarounds available apart from not having password protected conversations.

Nextcloud Talk es una aplicación de videoconferencia y audioconferencia para Nextcloud. En versiones anteriores a 12.2.7, 13.0.7 y 14.0.3, las conversaciones protegidas por contraseña son susceptibles de ataques de fuerza bruta si el atacante presenta el token de enlace/conversación. Es recomendado actualizar la aplicación Nextcloud Talk a versiones 12.2.7, 13.0.7 o 14.0.3. Actualmente no son conocidas mitigaciones disponibles, aparte de no tener conversaciones protegidas por contraseña.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2022-07-15 CVE Reserved
2022-08-12 CVE Published
2024-03-04 EPSS Updated
2024-08-03 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-307: Improper Restriction of Excessive Authentication Attempts
CWE-359: Exposure of Private Personal Information to an Unauthorized Actor

CAPEC

References (9)

URL	Tag	Source
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-pf36-jvpv-4hwq	Issue Tracking
https://hackerone.com/reports/1596673	Issue Tracking

URL	Date	SRC

URL	Date	SRC
https://github.com/nextcloud/spreed/commit/04300bbed0e87ff3420b5d752bbc48e2c15f35e9	2022-08-15
https://github.com/nextcloud/spreed/commit/10341b9fe59a44ae0d139c072abd6b5026f33771	2022-08-15
https://github.com/nextcloud/spreed/commit/f5ac73940f9f683b11e518d1c54150bf50dab9be	2022-08-15
https://github.com/nextcloud/spreed/pull/7504	2022-08-15
https://github.com/nextcloud/spreed/pull/7535	2022-08-15
https://github.com/nextcloud/spreed/pull/7536	2022-08-15
https://github.com/nextcloud/spreed/pull/7537	2022-08-15

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Nextcloud Search vendor "Nextcloud"		Talk Search vendor "Nextcloud" for product "Talk"				< 12.2.7 Search vendor "Nextcloud" for product "Talk" and version " < 12.2.7"		-		Affected
Nextcloud Search vendor "Nextcloud"		Talk Search vendor "Nextcloud" for product "Talk"				>= 13.0.0 < 13.0.7 Search vendor "Nextcloud" for product "Talk" and version " >= 13.0.0 < 13.0.7"		-		Affected
Nextcloud Search vendor "Nextcloud"		Talk Search vendor "Nextcloud" for product "Talk"				>= 14.0.0 < 14.0.3 Search vendor "Nextcloud" for product "Talk" and version " >= 14.0.0 < 14.0.3"		-		Affected