CVE-2023-28834

2023-04-0317:15:06

Google

osv.dev

nextcloud

nextcloud server

enterprise server

information disclosure

vulnerability

data directory path

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

31.1%

JSON

Nextcloud Server is an open source personal cloud server. Nextcloud Server 24.0.0 until 24.0.6 and 25.0.0 until 25.0.4, as well as Nextcloud Enterprise Server 23.0.0 until 23.0.11, 24.0.0 until 24.0.6, and 25.0.0 until 25.0.4, have an information disclosure vulnerability. A user was able to get the full data directory path of the Nextcloud server from an API endpoint. By itself this information is not problematic as it can also be guessed for most common setups, but it could speed up other unknown attacks in the future if the information is known. Nextcloud Server 24.0.6 and 25.0.4 and Nextcloud Enterprise Server 23.0.11, 24.0.6, and 25.0.4 contain patches for this issue. There are no known workarounds.

CPENameOperatorVersion
servereq25.0.1
servereq25.0.4rc1
servereq25.0.3rc1
servereq25.0.1rc1
servereq25.0.2rc1
servereq25.0.0
servereq25.0.2rc3
servereq25.0.2rc2
servereq25.0.2
servereq25.0.3

Name	Operator	Version
server	eq	25.0.1
server	eq	25.0.4rc1
server	eq	25.0.3rc1
server	eq	25.0.1rc1
server	eq	25.0.2rc1
server	eq	25.0.0
server	eq	25.0.2rc3
server	eq	25.0.2rc2
server	eq	25.0.2
server	eq	25.0.3