Lucene search

NextcloudGHSA-HHQ4-4PR8-WM27

HistoryMar 30, 2023 - 8:11 a.m.

Potential share collision for recipients when caching is enabled

2023-03-3008:11:02

github.com

nextcloud

share collision

caching

upgrade

memory cache

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

43.8%

JSON

Description

Impact

When a recipient receives 2 shares with the same name, while a memory cache is configured, the second share will replace the first one instead of being renamed to … (2)

Patches

It is recommended that the Nextcloud Server is upgraded to 25.0.3 or 24.0.9.
It is recommended that the Nextcloud Enterprise Server is upgraded to 25.0.3 or 24.0.9.

Workarounds

Avoid sharing 2 folders with the same name to the same user.

References

For more information

If you have any questions or comments about this advisory:

Create a post in nextcloud/security-advisories
Customers: Open a support ticket at support.nextcloud.com

CPENameOperatorVersion
serverlt24.0.0
serverlt25.0.0

CPE	Name	Operator	Version
	server	lt	24.0.0
	server	lt	25.0.0

References

github.com/nextcloud/server/issues/34015

github.com/nextcloud/server/pull/36047

hackerone.com/reports/1697281

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

43.8%

JSON

Related for GHSA-HHQ4-4PR8-WM27