CVE-2023-28833

Severity CVSS v4.0:

Pending analysis

Type:

CWE-434 Unrestricted Upload of File with Dangerous Type

Publication date:

30/03/2023

Last modified:

07/04/2023

Description

Nextcloud server is an open source home cloud implementation. In affected versions admins of a server were able to upload a logo or a favicon and to provided a file name which was not restricted and could overwrite files in the appdata directory. Administrators may have access to overwrite these files by other means but this method could be exploited by tricking an admin into uploading a maliciously named file. It is recommended that the Nextcloud Server is upgraded to 24.0.10 or 25.0.4. Users unable to upgrade should avoid ingesting logo files from untrusted sources.

Impact

Vector 3.x

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS v3.1 Severity and Metrics:

Base Score: 8.80 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope (S): Unchanged
Confidentiality (C): High
Integrity (I): High
Availability (A): High

Base Score 3.x

8.80

Severity 3.x

HIGH

Vulnerable products and versions

CPE	From	Up to
cpe:2.3:a:nextcloud:nextcloud_server:::::enterprise:::*	23.0.0 (including)	23.0.14 (excluding)
cpe:2.3:a:nextcloud:nextcloud_server:::::-:::*	24.0.0 (including)	24.0.10 (excluding)
cpe:2.3:a:nextcloud:nextcloud_server:::::enterprise:::*	24.0.0 (including)	24.0.10 (excluding)
cpe:2.3:a:nextcloud:nextcloud_server:::::-:::*	25.0.0 (including)	25.0.4 (excluding)
cpe:2.3:a:nextcloud:nextcloud_server:::::enterprise:::*	25.0.0 (including)	25.0.4 (excluding)

To consult the complete list of CPE names with products and versions, see this page

CVE-2023-28833

Description

Impact

Vulnerable products and versions

References to Advisories, Solutions, and Tools