5

CVE-2023-23943

Exploit

Blind SSRF via server URL input in the Nextcloud Mail app

Blind SSRF via server URL input in the Nextcloud Mail app

Nextcloud mail is an email app for the nextcloud home server platform. In affected versions the SMTP, IMAP and Sieve host fields allowed to scan for internal services and servers reachable from within the local network of the Nextcloud Server. It is recommended that the Nextcloud Maill app is upgraded to 1.15.0 or 2.2.2. The only known workaround for this issue is to completely disable the nextcloud mail app.
Mögliche Gegenmaßnahme
Mail: * Disable the mail app
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
NextcloudMail Version < 1.15.0
NextcloudMail Version >= 2.2.0 < 2.2.2
Weitere Schwachstelleninformationen
SystemNextcloud App
Produkt Mail
Version >= 0.0.0, < 1.15.0
Version >= 2.2.0, < 2.2.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.78% 0.733
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 2.8 1.4
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
security-advisories@github.com 5 3.1 1.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CWE-918 Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

https://hackerone.com/reports/1736390
Third Party Advisory
Exploit
https://hackerone.com/reports/1741525
Third Party Advisory
Exploit
https://hackerone.com/reports/1746582
Third Party Advisory
Exploit