Lucene search
NickvergessenH1:2110945HistoryAug 15, 2023 - 4:38 p.m.
Nextcloud: Memcached used as RateLimiter backend is no-op
2023-08-1516:38:47
nickvergessen
hackerone.com
13
nextcloud
memcached
ratelimiter
cache
bugbounty
bruteforce
db backend
Summary:
When Memcached is used as backend:
https://github.com/nextcloud/server/blob/c705b8fcb3de7910e67cd2ed2d2b38653f58962a/lib/private/Server.php#L787-L799
The following code block is problematic:
https://github.com/nextcloud/server/blob/90104bc1c448c6da2fd3e052fca75bb3fb261c87/lib/private/Memcache/Memcached.php#L135-L139
I guess we need to check the actual cache type and use the DB backend when Memcached is used?
Impact
Any action that partly resets any cache entry will wipe rate limit attempts and future bruteforce protection (with https://github.com/nextcloud/server/pull/39870 )
Related
cvelist
cvelist
nvd
nvd
CVE-2023-45148
2023-10-16 19:15:10
nextcloud
nextcloud
Rate limiter not working reliable when Memcached is installed
2023-10-16 07:19:38
vulnrichment
vulnrichment
cve
cve
CVE-2023-45148
2023-10-16 19:15:10
prion
prion
Code injection
2023-10-16 19:15:00
osv
osv
CVE-2023-45148
2023-10-16 19:15:10
openvas
openvas
redos
redos
ROS-20231024-03
2023-10-24 00:00:00