Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2022-39211
HistorySep 16, 2022 - 11:15 p.m.

CVE-2022-39211

2022-09-1623:15:11
Google
osv.dev
4
nextcloud
open source
personal cloud platform
vulnerability
cve-2022-39211
upgrade
nextcloud server
nextcloud enterprise server
webservices

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

30.8%

JSON

Nextcloud server is an open source personal cloud platform. In affected versions it was found that locally running webservices can be found and requested erroneously. It is recommended that the Nextcloud Server is upgraded to 23.0.8 or 24.0.4. It is recommended that the Nextcloud Enterprise Server is upgraded to 22.2.10.4, 23.0.8 or 24.0.4. There are no known workarounds for this issue.

Related

cvelist 1
openvas 1
prion 1
nextcloud 1
nvd 1
cve 1
hackerone 1
cvelist
cvelist
CVE-2022-39211 Server-Side Request Forgery (SSRF) via potential filter bypass in Nextcloud Server
2022-09-16 23:10:10
openvas
openvas
Nextcloud Server < 23.0.8, 24.x < 24.0.4 SSRF Vulnerability (GHSA-rmf9-w497-8cq8)
2022-09-19 00:00:00
prion
prion
Design/Logic Flaw
2022-09-16 23:15:00
nextcloud
nextcloud
Server-Side Request Forgery (SSRF) via potential filter bypass with too lax local domain checking
2022-09-16 04:51:33
nvd
nvd
CVE-2022-39211
2022-09-16 23:15:11
cve
cve
CVE-2022-39211
2022-09-16 23:15:11
hackerone
hackerone
Nextcloud: SSRF via potential filter bypass with too lax local domain checking
2022-06-21 00:57:48

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

30.8%

JSON
Related for OSV:CVE-2022-39211
cvelist1openvas1prion1nextcloud1nvd1cve1hackerone1