CVE-2023-28834

Exploit

EPSS 0.35%
Veröffentlicht 03.04.2023 17:15:06
Zuletzt bearbeitet 21.11.2024 07:56:07
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

Full path of data directory exposed to Nextcloud server users

Full path of data directory exposed to users

Nextcloud Server is an open source personal cloud server. Nextcloud Server 24.0.0 until 24.0.6 and 25.0.0 until 25.0.4, as well as Nextcloud Enterprise Server 23.0.0 until 23.0.11, 24.0.0 until 24.0.6, and 25.0.0 until 25.0.4, have an information disclosure vulnerability. A user was able to get the full data directory path of the Nextcloud server from an API endpoint. By itself this information is not problematic as it can also be guessed for most common setups, but it could speed up other unknown attacks in the future if the information is known. Nextcloud Server 24.0.6 and 25.0.4 and Nextcloud Enterprise Server 23.0.11, 24.0.6, and 25.0.4 contain patches for this issue. There are no known workarounds.

Mögliche Gegenmaßnahme

Server: * No workaround available

Enterprise Server: * No workaround available

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 8

NVD 5 VulnDex Vulnerability Enrichment 2

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Nextcloud ≫ Nextcloud Server SwEditionenterprise Version >= 23.0.0 < 23.0.14

Nextcloud ≫ Nextcloud Server SwEdition- Version >= 24.0.0 < 24.0.10

Nextcloud ≫ Nextcloud Server SwEditionenterprise Version >= 24.0.0 < 24.0.10

Nextcloud ≫ Nextcloud Server SwEdition- Version >= 25.0.0 < 25.0.4

Nextcloud ≫ Nextcloud Server SwEditionenterprise Version >= 25.0.0 < 25.0.4

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Weitere Schwachstelleninformationen

SystemNextcloud

≫

Produkt Server

Version >= 24.0.0, < 24.0.10

Version >= 25.0.0, < 25.0.4

SystemNextcloud

≫

Produkt Enterprise Server

Version >= 23.0.0, < 23.0.14

Version >= 24.0.0, < 24.0.10

Version >= 25.0.0, < 25.0.4

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.35%	0.575

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
security-advisories@github.com	3.5	2.1	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N

CWE-212 Improper Removal of Sensitive Information Before Storage or Transfer

The product stores, transfers, or shares a resource that contains sensitive information, but it does not properly remove that information before the product makes the resource available to unauthorized actors.

https://github.com/nextcloud/security-advisories/security/advisories/GHSA-5w64-6c42-rgcv

Vendor Advisory

https://github.com/nextcloud/server/issues/33883

Third Party Advisory

Exploit

Issue Tracking

https://github.com/nextcloud/server/pull/36094

Patch

https://hackerone.com/reports/1690510

Patch

Third Party Advisory

Exploit