CVE-2023-48306

CWE-918 — Server-Side Request Forgery (SSRF)2 documents2 sources

Severity

9.8CRITICAL

EPSS

0.5%

top 34.05%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nextcloud Nextcloud Server Nextcloud Security-advisories

Timeline

PublishedNov 21

Description

Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Server and starting in version 22.0.0 and prior to versions 22.2.10.16, 23.0.12.11, 24.0.12.7, 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Enterprise Server, the DNS pin middleware was vulnerable to DNS rebinding allowing an attacker to perform SSRF as a final result. Nextcloud Server 25.0.11, 26.0.6, and 27.1.0 and Nextcloud …

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:NExploitability: 3.1 | Impact: 1.4

Affected Packages2 packages

▶NVDnextcloud/nextcloud_server22.0.0 — 22.2.10.16+5

▶CVEListV5nextcloud/security-advisories6 versions+5

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

CVEList

Nextcloud Server DNS pin middleware can be tricked into DNS rebinding allowing SSRF↗2023-11-21

▶