CVE-2023-25821 : Nextcloud is an Open Source private cloud software. Versions 24.0.4 and above, p

Nextcloud is an Open Source private cloud software. Versions 24.0.4 and above, prior to 24.0.7, and 25.0.0 and above, prior to 25.0.1, contain Improper Access Control. Secure view for internal shares can be circumvented if reshare permissions are also given. This issue is patched in versions 24.0.7 and 25.0.1. No workaround is available.

Published 2023-02-25 00:15:11

Updated 2023-03-07 02:13:49

Source GitHub, Inc.

View at NVD, CVE.org

Vulnerability category: BypassGain privilege

Products affected by CVE-2023-25821

Nextcloud » Nextcloud Server
Versions from including (>=) 24.0.4 and before (<) 24.0.7
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*
Matching versions
Nextcloud » Nextcloud Server » Enterprise Edition
Versions from including (>=) 24.0.4 and before (<) 24.0.7
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*
Matching versions
Nextcloud » Nextcloud Server » Version: 25.0.0 Enterprise Edition
cpe:2.3:a:nextcloud:nextcloud_server:25.0.0:*:*:*:enterprise:*:*:*
Matching versions
Nextcloud » Nextcloud Server » Version: 25.0.0
cpe:2.3:a:nextcloud:nextcloud_server:25.0.0:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2023-25821

EPSS FAQ

0.26%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 49 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-25821

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	3.9	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None
5.7	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N	2.1	3.6	GitHub, Inc.
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: Required Scope: Unchanged Confidentiality: High Integrity: None Availability: None

CWE ids for CVE-2023-25821

CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

Assigned by: security-advisories@github.com (Secondary)

References for CVE-2023-25821

https://hackerone.com/reports/1724016

HackerOne
Exploit;Third Party Advisory
https://github.com/nextcloud/server/pull/34502

Propagate attributes when resharing by CarlSchwan · Pull Request #34502 · nextcloud/server · GitHub
Patch
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-7w6h-5qgw-4j94

Download permissions can be changed by resharer · Advisory · nextcloud/security-advisories · GitHub
Vendor Advisory

Jump to

Vulnerability Details : CVE-2023-25821

Products affected by CVE-2023-25821

Exploit prediction scoring system (EPSS) score for CVE-2023-25821

CVSS scores for CVE-2023-25821

CWE ids for CVE-2023-25821

References for CVE-2023-25821