Vulnerability Details : CVE-2022-39339
user_oidc is an OpenID Connect user backend for Nextcloud. In versions prior to 1.2.1, sensitive information such as the OIDC client credentials and tokens is sent in plain text over HTTP without TLS. Any malicious actor able to monitor user traffic may have been able to compromise account security. This issue has been addressed in user_oidc v1.2.1. Users are advised to upgrade. Users unable to upgrade may mitigate the issue by accessing Nextcloud over HTTPS and setting an HTTPS discovery URL in the provider settings (in the Nextcloud OIDC admin settings).
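The mitigation above rests on one property: every URL the backend talks to while exchanging the client secret, authorization code and tokens must be https. The following is an added example, not code from user_oidc or Nextcloud, of the check an admin (or the backend itself) can run against a configured discovery URL and the discovery document it returns. The field names are the standard OpenID Connect Discovery 1.0 ones; the sample documents and the host idp.example are constructed for the example. The point it makes beyond the advisory text is that an https discovery URL alone is not sufficient, because the document it serves can still advertise http endpoints, and those are where the secret and tokens actually go.

```python
from urllib.parse import urlparse

# Discovery-document fields (OpenID Connect Discovery 1.0) whose URLs carry
# the client secret, authorization codes, tokens, or the keys used to verify
# tokens. "issuer" is included because the discovery URL is derived from it.
SENSITIVE_FIELDS = (
    "issuer",
    "authorization_endpoint",
    "token_endpoint",
    "userinfo_endpoint",
    "jwks_uri",
    "end_session_endpoint",
)


def is_https_url(url):
    """True only for an absolute URL with the https scheme and a host part."""
    parsed = urlparse(url)
    return parsed.scheme.lower() == "https" and bool(parsed.netloc)


def check_discovery_url(discovery_url):
    """Reject the weak setting (an http:// discovery URL) up front."""
    if not is_https_url(discovery_url):
        raise ValueError(f"discovery URL must use https, got: {discovery_url}")
    return discovery_url


def insecure_endpoints(discovery_doc):
    """Return (field, url) pairs for advertised endpoints that are not https.

    Fields absent from the document are skipped; a provider is not required
    to publish all of them.
    """
    findings = []
    for field in SENSITIVE_FIELDS:
        url = discovery_doc.get(field)
        if url is not None and not is_https_url(url):
            findings.append((field, url))
    return findings


def audit_provider(discovery_url, discovery_doc):
    """Run both checks; an empty list means no cleartext hop was found."""
    findings = []
    if not is_https_url(discovery_url):
        findings.append(("discovery_url", discovery_url))
    findings.extend(insecure_endpoints(discovery_doc))
    return findings


# Constructed sample documents for the example (not from any real provider).
# The weak setting: everything over http.
WEAK_DOC = {
    "issuer": "http://idp.example/",
    "authorization_endpoint": "http://idp.example/auth",
    "token_endpoint": "http://idp.example/token",
    "jwks_uri": "http://idp.example/jwks",
}
# The trap: https discovery URL, but the token endpoint is still http.
MIXED_DOC = {
    "issuer": "https://idp.example/",
    "authorization_endpoint": "https://idp.example/auth",
    "token_endpoint": "http://idp.example/token",
    "jwks_uri": "https://idp.example/jwks",
}
# The corrected setting: every sensitive endpoint over https.
SAFE_DOC = {
    "issuer": "https://idp.example/",
    "authorization_endpoint": "https://idp.example/auth",
    "token_endpoint": "https://idp.example/token",
    "userinfo_endpoint": "https://idp.example/userinfo",
    "jwks_uri": "https://idp.example/jwks",
}

if __name__ == "__main__":
    cases = (
        ("weak", "http://idp.example/.well-known/openid-configuration", WEAK_DOC),
        ("mixed", "https://idp.example/.well-known/openid-configuration", MIXED_DOC),
        ("safe", "https://idp.example/.well-known/openid-configuration", SAFE_DOC),
    )
    for name, url, doc in cases:
        print(name, audit_provider(url, doc))
```

The MIXED_DOC case is the one worth keeping in mind when applying the workaround on an unpatched install: the admin setting only controls the discovery URL, so the document the provider serves should be inspected (or the provider configuration fixed) as well, rather than relying on the https discovery URL alone.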
Products affected by CVE-2022-39339
- cpe:2.3:a:nextcloud:openid_connect_user_backend:*:*:*:*:*:nextcloud:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-39339
- 0.10%: probability of exploitation activity in the next 30 days
- ~30%: percentile, the proportion of vulnerabilities scored at or below this EPSS score
CVSS scores for CVE-2022-39339
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 2.8 | 1.4 | NIST | |
4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.8 | 1.4 | GitHub, Inc. | |
CWE ids for CVE-2022-39339
- The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
  Assigned by:
  - nvd@nist.gov (Primary)
  - security-advisories@github.com (Secondary)
References for CVE-2022-39339
- https://github.com/nextcloud/user_oidc/pull/495 ("Enforce https by julien-nc · Pull Request #495 · nextcloud/user_oidc · GitHub"): Patch; Third Party Advisory
- https://hackerone.com/reports/1687005 (HackerOne): Permissions Required; Third Party Advisory
- https://github.com/nextcloud/security-advisories/security/advisories/GHSA-2vff-cq8h-chhg ("Cleartext Transmission of Sensitive Information in user_oidc · Advisory · nextcloud/security-advisories · GitHub"): Patch; Third Party Advisory