6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
0.003 Low
EPSS
Percentile
70.1%
Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.1.2,
9.0.6, and 8.2.9 suffer from SMB User Authentication Bypass.
Nextcloud/ownCloud include an optional and not by default enabled SMB
authentication component that allows authenticating users against an SMB
server. This backend is implemented in a way that tries to connect to a SMB
server and if that succeeded consider the user logged-in. The backend did
not properly take into account SMB servers that have any kind of anonymous
auth configured. This is the default on SMB servers nowadays and allows an
unauthenticated attacker to gain access to an account without valid
credentials. Note: The SMB backend is disabled by default and requires
manual configuration in the Nextcloud/ownCloud config file. If you have not
configured the SMB backend then you’re not affected by this vulnerability.
github.com/nextcloud/apps/commit/b85ace6840b8a6704641086bc3b8eb8e81cb2274
github.com/nextcloud/apps/commit/decb91fd31f4ffab191cbf09ce4e5c55c67a4087
github.com/owncloud/apps/commit/16cbccfc946c8711721fa684d78135ca1fb64791
github.com/owncloud/apps/commit/5d47e7b52646cf79edadd78ce10c754290cbb732
github.com/owncloud/apps/commit/a0e07b7ddd5a5fd850a6e07f8457d05b76a300b3
hackerone.com/reports/148151
launchpad.net/bugs/cve/CVE-2016-9463
nextcloud.com/security/advisory/?id=nc-sa-2016-006
nvd.nist.gov/vuln/detail/CVE-2016-9463
owncloud.org/security/advisory/?id=oc-sa-2016-017
rhinosecuritylabs.com/2016/10/operation-ownedcloud-exploitation-post-exploitation-persistence/
security-tracker.debian.org/tracker/CVE-2016-9463
www.cve.org/CVERecord?id=CVE-2016-9463
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
0.003 Low
EPSS
Percentile
70.1%