CVE-2024-52508
Nextcloud Mail auto configurator can be tricked into sending account information to wrong servers
Severity Score
8.2
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track*
*SSVC
Descriptions
Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. When a user is trying to set up a mail account with an email address like user@example.tld that does not support auto configuration, and an attacker managed to register autoconfig.tld, the used email details would be send to the server of the attacker. It is recommended that the Nextcloud Mail app is upgraded to 1.14.6, 1.15.4, 2.2.11, 3.6.3, 3.7.7 or 4.0.0.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track*
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2024-11-11 CVE Reserved
- 2024-11-15 CVE Published
- 2024-11-15 CVE Updated
- 2024-11-16 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| https://github.com/nextcloud/mail/commit/a84c70e15d814dab6f0e8eda71bbaaf48152079b | X_refsource_misc | |
| https://github.com/nextcloud/mail/pull/9964 | X_refsource_misc | |
| https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vmhx-hwph-q6mc | X_refsource_confirm | |
| https://hackerone.com/reports/2508422 | X_refsource_misc |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Nextcloud Search vendor "Nextcloud" | Security-advisories Search vendor "Nextcloud" for product "Security-advisories" | >= 1.9.0 < 1.14.6 Search vendor "Nextcloud" for product "Security-advisories" and version " >= 1.9.0 < 1.14.6" | en |
Affected
| ||||||
| Nextcloud Search vendor "Nextcloud" | Security-advisories Search vendor "Nextcloud" for product "Security-advisories" | >= 2.1.0 < 2.2.11 Search vendor "Nextcloud" for product "Security-advisories" and version " >= 2.1.0 < 2.2.11" | en |
Affected
| ||||||
| Nextcloud Search vendor "Nextcloud" | Security-advisories Search vendor "Nextcloud" for product "Security-advisories" | >= 3.1.0 < 3.6.3 Search vendor "Nextcloud" for product "Security-advisories" and version " >= 3.1.0 < 3.6.3" | en |
Affected
| ||||||
| Nextcloud Search vendor "Nextcloud" | Security-advisories Search vendor "Nextcloud" for product "Security-advisories" | >= 1.15.0 < 1.15.4 Search vendor "Nextcloud" for product "Security-advisories" and version " >= 1.15.0 < 1.15.4" | en |
Affected
| ||||||
| Nextcloud Search vendor "Nextcloud" | Security-advisories Search vendor "Nextcloud" for product "Security-advisories" | >= 3.7.0 < 3.7.7 Search vendor "Nextcloud" for product "Security-advisories" and version " >= 3.7.0 < 3.7.7" | en |
Affected
| ||||||