nvd, NVD:CVE-2023-48306
Nov 21, 2023 - 11:15 p.m.

CVE-2023-48306

2023-11-21 23:15:07
CWE-918
web.nvd.nist.gov
nextcloud
nextcloud server
nextcloud enterprise server
dns rebinding
ssrf
security vulnerability

CVSS3: 9.8

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS: 0.001
Percentile: 29.9%

Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Server, and starting in version 22.0.0 and prior to versions 22.2.10.16, 23.0.12.11, 24.0.12.7, 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Enterprise Server, the DNS pin middleware was vulnerable to DNS rebinding, ultimately allowing an attacker to perform SSRF. Nextcloud Server 25.0.11, 26.0.6, and 27.1.0 and Nextcloud Enterprise Server 22.2.10.16, 23.0.12.11, 24.0.12.7, 25.0.11, 26.0.6, and 27.1.0 contain patches for this issue. No known workarounds are available.

Affected configurations

Nvd
Node (entries joined by OR)

| Vendor | Product | Range | Edition |
| --- | --- | --- | --- |
| nextcloud | nextcloud_server | 22.0.0 - 22.2.10.16 | enterprise |
| nextcloud | nextcloud_server | 23.0.0 - 23.0.12.11 | enterprise |
| nextcloud | nextcloud_server | 24.0.0 - 24.0.12.7 | enterprise |
| nextcloud | nextcloud_server | 25.0.0 - 25.0.11 | - |
| nextcloud | nextcloud_server | 25.0.0 - 25.0.11 | enterprise |
| nextcloud | nextcloud_server | 26.0.0 - 26.0.6 | - |
| nextcloud | nextcloud_server | 26.0.0 - 26.0.6 | enterprise |
| nextcloud | nextcloud_server | 27.0.0 - 27.1.0 | - |
| nextcloud | nextcloud_server | 27.0.0 - 27.1.0 | enterprise |

| Vendor | Product | Version | CPE |
| --- | --- | --- | --- |
| nextcloud | nextcloud_server | * | cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:* |
| nextcloud | nextcloud_server | * | cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:-:*:*:* |
