Nextcloud 安全漏洞(CVE-2023-35172)

CVE编号

CVE-2023-35172

利用情况

暂无

补丁情况

N/A

披露时间

2023-06-24

漏洞描述

NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. In NextCloud Server versions 25.0.0 until 25.0.7 and 26.0.0 until 26.0.2 and Nextcloud Enterprise Server versions 21.0.0 until 21.0.9.12, 22.0.0 until 22.2.10.12, 23.0.0 until 23.0.12.7, 24.0.0 until 24.0.12.2, 25.0.0 until 25.0.7, and 26.0.0 until 26.0.2, an attacker can bruteforce the password reset links. Nextcloud Server n 25.0.7 and 26.0.2 and Nextcloud Enterprise Server 21.0.9.12, 22.2.10.12, 23.0.12.7, 24.0.12.2, 25.0.7, and 26.0.2 contain a patch for this issue. No known workarounds are available.

解决建议

"将组件 nextcloud_server 升级至 23.0.12.7 及以上版本""将组件 nextcloud_server 升级至 24.0.12.2 及以上版本""将组件 nextcloud_server 升级至 26.0.2 及以上版本""将组件 nextcloud_server 升级至 25.0.7 及以上版本""将组件 nextcloud_server 升级至 21.0.9.12 及以上版本""将组件 nextcloud_server 升级至 22.2.10.12 及以上版本"

参考链接
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-mjf...
https://github.com/nextcloud/server/pull/38267
https://hackerone.com/reports/1987062

受影响软件情况

#	类型	厂商	产品	版本	影响面
1
	运行在以下环境
	应用	nextcloud	nextcloud_server	*	From (including) 21.0.0	Up to (excluding) 21.0.9.12
	运行在以下环境
	应用	nextcloud	nextcloud_server	*	From (including) 22.0.0	Up to (excluding) 22.2.10.12
	运行在以下环境
	应用	nextcloud	nextcloud_server	*	From (including) 23.0.0	Up to (excluding) 23.0.12.7
	运行在以下环境
	应用	nextcloud	nextcloud_server	*	From (including) 24.0.0	Up to (excluding) 24.0.12.2
	运行在以下环境
	应用	nextcloud	nextcloud_server	*	From (including) 25.0.0	Up to (excluding) 25.0.7
	运行在以下环境
	应用	nextcloud	nextcloud_server	*	From (including) 26.0.0	Up to (excluding) 26.0.2

CVSS3评分 9.1

• 攻击路径 网络
• 攻击复杂度 低
• 权限要求 无
• 影响范围 未更改
• 用户交互 无
• 可用性 无
• 保密性 高
• 完整性 高

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-ID	漏洞类型
CWE-307	过多认证尝试的限制不恰当

Exp相关链接

- avd.aliyun.com