CVE-2024-22403

Nextcloud server is a self hosted personal cloud system. In affected versions OAuth codes did not expire. When an attacker would get access to an authorization code they could authenticate at any time using the code. As of version 28.0.0 OAuth codes are invalidated after 10 minutes and will no longer be authenticated. To exploit this vulnerability an attacker would need to intercept an OAuth code from a user session. It is recommended that the Nextcloud Server is upgraded to 28.0.0. There are no known workarounds for this vulnerability.

CVSS v3 3.7 LOW

3.7^/10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wppc-f5g8-vx36	Vendor Advisory
https://github.com/nextcloud/server/pull/40766	Patch Vendor Advisory
https://hackerone.com/reports/1784162	Permissions Required Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S6PN4GVJ5TZUC6WSG4X3ZA3AMPBEKNAX/

Configurations

Configuration 1 (hide)

cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*

History

01 May 2024, 05:15

Type	Values Removed	Values Added
References		() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S6PN4GVJ5TZUC6WSG4X3ZA3AMPBEKNAX/ -

26 Jan 2024, 21:03

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~3.0~~	v2 : unknown v3 : 3.7
References	~~() https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wppc-f5g8-vx36 -~~	() https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wppc-f5g8-vx36 - Vendor Advisory
References	~~() https://github.com/nextcloud/server/pull/40766 -~~	() https://github.com/nextcloud/server/pull/40766 - Patch, Vendor Advisory
References	~~() https://hackerone.com/reports/1784162 -~~	() https://hackerone.com/reports/1784162 - Permissions Required, Third Party Advisory
CPE		cpe:2.3:a:nextcloud:nextcloud_server::::::::
First Time		Nextcloud Nextcloud nextcloud Server
Summary		(es) El servidor Nextcloud es un sistema de nube personal autohospedado. En las versiones afectadas, los códigos OAuth no caducaban. Cuando un atacante tuviera acceso a un código de autorización, podría autenticarse en cualquier momento utilizando el código. A partir de la versión 28.0.0, los códigos OAuth se invalidan después de 10 minutos y ya no se autenticarán. Para aprovechar esta vulnerabilidad, un atacante necesitaría interceptar un código OAuth de una sesión de usuario. Se recomienda actualizar el servidor Nextcloud a 28.0.0. No se conocen workarounds para esta vulnerabilidad.

18 Jan 2024, 20:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-01-18 20:15

Updated : 2024-05-01 05:15

NVD link : CVE-2024-22403

Mitre link : CVE-2024-22403

CVE.ORG link : CVE-2024-22403

JSON object : View

Products Affected

nextcloud

nextcloud_server

CWE

CWE-613

Insufficient Session Expiration

3.7 /10