Nextcloud Security-Advisories vulnerabilities

CVE-2023-25818 [HIGH] CWE-307 CVE-2023-25818: Nextcloud server is an open source, personal cloud implementation. In affected versions a malicious Nextcloud server is an open source, personal cloud implementation. In affected versions a malicious user could try to reset the password of another user and then brute force the 62^21 combinations for the password reset token. As of commit `704eb3aa` password reset attempts are now throttled. Note that 62^21 combinations would significant compute resou

CVE-2023-25817 [HIGH] CWE-281 CVE-2023-25817: Nextcloud server is an open source, personal cloud implementation. In versions from 24.0.0 and befor Nextcloud server is an open source, personal cloud implementation. In versions from 24.0.0 and before 24.0.9 a user could escalate their permissions to delete files they were not supposed to deletable but only viewed or downloaded. This issue has been addressed andit is recommended that the Nextcloud Server is upgraded to 24.0.9. There are no known wo

CVE-2023-25820 [HIGH] CWE-307 CVE-2023-25820: Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform, and Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform, and Nextcloud Enterprise Server is the enterprise version of the file server software. In Nextcloud Server versions 25.0.x prior to 25.0.5 and versions 24.0.x prior to 24.0.10 as well as Nextcloud Enterprise Server versions 25.0.x prior to 25.0.4, 24.0.x p

CVE-2023-26041 [MEDIUM] CWE-359 CVE-2023-26041: Nextcloud Talk is a fully on-premises audio/video and chat communication service. When cron jobs wer Nextcloud Talk is a fully on-premises audio/video and chat communication service. When cron jobs were misconfigured and therefore messages are not expired, the API would still return them while they were then hidden by the frontend code. It is recommended that the Nextcloud Talk is upgraded to 15.0.3. There are no workaround available.

CVE-2023-25821 [HIGH] CWE-284 CVE-2023-25821: Nextcloud is an Open Source private cloud software. Versions 24.0.4 and above, prior to 24.0.7, and Nextcloud is an Open Source private cloud software. Versions 24.0.4 and above, prior to 24.0.7, and 25.0.0 and above, prior to 25.0.1, contain Improper Access Control. Secure view for internal shares can be circumvented if reshare permissions are also given. This issue is patched in versions 24.0.7 and 25.0.1. No workaround is available.

CVE-2023-25816 [MEDIUM] CWE-400 CVE-2023-25816: Nextcloud is an Open Source private cloud software. Versions 25.0.0 and above, prior to 25.0.3, are Nextcloud is an Open Source private cloud software. Versions 25.0.0 and above, prior to 25.0.3, are subject to Uncontrolled Resource Consumption. A user can configure a very long password, consuming more resources on password validation than desired. This issue is patched in 25.0.3 No workaround is available.

CVE-2023-25579 [HIGH] CWE-22 CVE-2023-25579: Nextcloud server is a self hosted home cloud product. In affected versions the `OC\Files\Node\Folder Nextcloud server is a self hosted home cloud product. In affected versions the `OC\Files\Node\Folder::getFullPath()` function was validating and normalizing the string in the wrong order. The function is used in the `newFile()` and `newFolder()` items, which may allow to creation of paths outside of ones own space and overwriting data from other users

CVE-2023-25161 [MEDIUM] CWE-284 CVE-2023-25161: Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nex Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server and Nextcloud Enterprise Server prior to versions 25.0.1 24.0.8, and 23.0.12 missing rate limiting on password reset functionality. This could result in service slowdown, storage overflow, or cost impact when using external email service

CVE-2023-25159 [MEDIUM] CWE-284 CVE-2023-25159: Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform, and Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform, and Nextcloud Office is a document collaboration app for the same platform. Nextcloud Server 24.0.x prior to 24.0.8 and 25.0.x prior to 25.0.1, Nextcloud Enterprise Server 24.0.x prior to 24.0.8 and 25.0.x prior to 25.0.1, and Nextcloud Office (Richdocum

CVE-2023-25160 [MEDIUM] CWE-639 CVE-2023-25160: Nextcloud Mail is an email app for the Nextcloud home server platform. Prior to versions 2.2.1, 1.14 Nextcloud Mail is an email app for the Nextcloud home server platform. Prior to versions 2.2.1, 1.14.5, 1.12.9, and 1.11.8, an attacker can access the mail box by ID getting the subjects and the first characters of the emails. Users should upgrade to Mail 2.2.1 for Nextcloud 25, Mail 1.14.5 for Nextcloud 22-24, Mail 1.12.9 for Nextcloud 21, or Mail

CVE-2023-25162 [MEDIUM] CWE-918 CVE-2023-25162: Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nex Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server prior to 24.0.8 and 23.0.12 and Nextcloud Enterprise server prior to 24.0.8 and 23.0.12 are vulnerable to server-side request forgery (SSRF). Attackers can leverage enclosed alphanumeric payloads to bypass IP filters and gain SSRF, which

CVE-2023-25150 [MEDIUM] CWE-284 CVE-2023-25150: Nextcloud office/richdocuments is an office suit for the nextcloud server platform. In affected vers Nextcloud office/richdocuments is an office suit for the nextcloud server platform. In affected versions the Collabora integration can be tricked to provide access to any file without proper permission validation. As a result any user with access to Collabora can obtain the content of other users files. It is recommended that the Nextcloud Office Ap

CVE-2023-23944 [MEDIUM] CWE-312 CVE-2023-23944: Nextcloud mail is an email app for the nextcloud home server platform. In versions prior to 2.2.2 us Nextcloud mail is an email app for the nextcloud home server platform. In versions prior to 2.2.2 user's passwords were stored in cleartext in the database during the duration of OAuth2 setup procedure. Any attacker or malicious user with access to the database would have access to these user passwords until the OAuth setup has been completed. It is

CVE-2023-23943 [MEDIUM] CWE-918 CVE-2023-23943: Nextcloud mail is an email app for the nextcloud home server platform. In affected versions the SMTP Nextcloud mail is an email app for the nextcloud home server platform. In affected versions the SMTP, IMAP and Sieve host fields allowed to scan for internal services and servers reachable from within the local network of the Nextcloud Server. It is recommended that the Nextcloud Maill app is upgraded to 1.15.0 or 2.2.2. The only known workaround fo

CVE-2023-23942 [MEDIUM] CWE-79 CVE-2023-23942: The Nextcloud Desktop Client is a tool to synchronize files from a Nextcloud Server with your comput The Nextcloud Desktop Client is a tool to synchronize files from a Nextcloud Server with your computer. Versions prior to 3.6.3 are missing sanitisation on qml labels which are used for basic HTML elements such as `strong`, `em` and `head` lines in the UI of the desktop client. The lack of sanitisation may allow for javascript injection. It is recomm

CVE-2023-22471 [MEDIUM] CWE-639 CVE-2023-22471: Deck is a kanban style organization tool aimed at personal planning and project organization for tea Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Broken access control allows a user to delete attachments of other users. There are currently no known workarounds. It is recommended that the Nextcloud Deck app is upgraded to 1.6.5 or 1.7.3 or 1.8.2.

CVE-2023-22470 [MEDIUM] CWE-400 CVE-2023-22470: Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organizati Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. A database error can be generated potentially causing a DoS when performed multiple times. There are currently no known workarounds. It is recommended that the Nextcloud Server is upgraded to 1.6.5 or 1.7.3 or 1

CVE-2023-22469 [LOW] CWE-922 CVE-2023-22469: Deck is a kanban style organization tool aimed at personal planning and project organization for tea Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. When getting the reference preview for Deck cards the user has no access to, unauthorized user could eventually get the cached data of a user that has access. There are currently no known workarounds. It is recommended that

CVE-2023-22472 [HIGH] CWE-352 CVE-2023-22472: Deck is a kanban style organization tool aimed at personal planning and project organization for tea Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. It is possible to make a user send any POST request with an arbitrary body given they click on a malicious deep link on a Windows computer. (e.g. in an email, chat link, etc). There are currently no known workarounds. It is

CVE-2023-22473 [LOW] CWE-284 CVE-2023-22473: Talk-Android enables users to have video & audio calls through Nextcloud on Android. Due to passcode Talk-Android enables users to have video & audio calls through Nextcloud on Android. Due to passcode bypass, an attacker is able to access the user's Nextcloud files and view conversations. To exploit this the attacker needs to have physical access to the target's device. There are currently no known workarounds available. It is recommended that the Ne