Lucene search

CVE-2023-49792

🗓️ 22 Dec 2023 17:08:15Reported by GoogleType

osv🔗 osv.dev👁 17 Views

Nextcloud Server and Nextcloud Enterprise Server prior to versions 26.0.9 and 27.1.4, as well as versions 23.0.12.13, 24.0.12.9, 25.0.13.4, 26.0.9, and 27.1.4, allows attackers to execute authentication attempts

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
Hacker One	Nextcloud: Bruteforce protection in password verification can be bypassed	29 Oct 202307:37	–	hackerone
CVE	CVE-2023-49792	22 Dec 202317:15	–	cve
Vulnrichment	CVE-2023-49792 Bruteforce protection can be bypassed with misconfigured proxy	22 Dec 202316:31	–	vulnrichment
Prion	Authentication flaw	22 Dec 202317:15	–	prion
Cvelist	CVE-2023-49792 Bruteforce protection can be bypassed with misconfigured proxy	22 Dec 202316:31	–	cvelist
NVD	CVE-2023-49792	22 Dec 202317:15	–	nvd
Nextcloud	Bruteforce protection can be bypassed with misconfigured proxy	18 Dec 202308:27	–	nextcloud
OpenVAS	Nextcloud Server Multiple Vulnerabilities (GHSA-3f8p-6qww-2prr, GHSA-5j2p-q736-hw98)	20 Dec 202300:00	–	openvas
Redos	ROS-20240627-06	27 Jun 202400:00	–	redos

Source	Link
github	www.github.com/nextcloud/security-advisories/security/advisories/GHSA-5j2p-q736-hw98
github	www.github.com/nextcloud/server/pull/41526
hackerone	www.hackerone.com/reports/2230915

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

22 Dec 2023 17:15Current

7High risk

Vulners AI Score7

CVSS35.3 - 9.8

EPSS0.00354

SSVC