Lucene search
Copyright (C) 2023 Greenbone AGOPENVAS:1361412562310149842HistoryJun 23, 2023 - 12:00 a.m.
Nextcloud Server 25.x < 25.0.7, 26.x < 26.0.2 Brute Force Protection Vulnerability (GHSA-qphh-6xh7-vffg)
2023-06-2300:00:00
Copyright (C) 2023 Greenbone AG
plugins.openvas.org
8
nextcloud
server
brute force
vulnerability
protection
update
security advisory
CVSS3
8.7
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
AI Score
9.2
Confidence
High
EPSS
0.001
Percentile
49.8%
Nextcloud Server is prone to vulnerability in the brute force
protection.
This VT has been replaced by the VT
# SPDX-FileCopyrightText: 2023 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if (description)
{
script_oid("1.3.6.1.4.1.25623.1.0.149842");
script_version("2023-11-03T16:10:08+0000");
script_tag(name:"last_modification", value:"2023-11-03 16:10:08 +0000 (Fri, 03 Nov 2023)");
script_tag(name:"creation_date", value:"2023-06-23 04:30:20 +0000 (Fri, 23 Jun 2023)");
script_tag(name:"cvss_base", value:"7.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:N/A:N");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2023-06-30 17:49:00 +0000 (Fri, 30 Jun 2023)");
script_cve_id("CVE-2023-32320");
script_tag(name:"qod_type", value:"remote_banner");
script_tag(name:"solution_type", value:"VendorFix");
script_name("Nextcloud Server 25.x < 25.0.7, 26.x < 26.0.2 Brute Force Protection Vulnerability (GHSA-qphh-6xh7-vffg)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2023 Greenbone AG");
script_family("Web application abuses");
script_tag(name:"summary", value:"Nextcloud Server is prone to vulnerability in the brute force
protection.
This VT has been replaced by the VT 'Nextcloud Server 25.x < 25.0.7, 26.x < 26.0.2 Multiple
Vulnerabilities (GHSA-qphh-6xh7-vffg, GHSA-mjf5-p765-qmr6, GHSA-h7f7-535f-7q87,
GHSA-637g-xp2c-qh5h)' OID:1.3.6.1.4.1.25623.1.0.126433.");
script_tag(name:"deprecated", value:TRUE);
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"When multiple requests are sent in parallel, all of them were
executed even if the amount of faulty requests succeeded the limit by the time the response is
sent to the client. This allowed to send as many requests the server could handle in parallel to
bruteforce protected details instead of the configured limit (default 8).");
script_tag(name:"affected", value:"Nextcloud Server version 25.x prior to 25.0.7 and 26.x prior
to 26.0.2.");
script_tag(name:"solution", value:"Update to version 25.0.7, 26.0.2 or later.");
script_xref(name:"URL", value:"https://github.com/nextcloud/security-advisories/security/advisories/GHSA-qphh-6xh7-vffg");
exit(0);
}
exit( 66 );
Related
hackerone
hackerone
Nextcloud: Brute force protection allows to send more requests than intended
2023-03-26 19:35:17
cvelist
cvelist
osv
osv
CVE-2023-32320
2023-06-22 21:15:09
nextcloud
nextcloud
Brute force protection allows to send more requests than intended
2023-06-22 06:14:26
cve
cve
CVE-2023-32320
2023-06-22 21:15:09
nvd
nvd
CVE-2023-32320
2023-06-22 21:15:09
prion
prion
Design/Logic Flaw
2023-06-22 21:15:00
CVSS3
8.7
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
AI Score
9.2
Confidence
High
EPSS
0.001
Percentile
49.8%
Related for OPENVAS:1361412562310149842