CVE-2022-36074 - OpenCVE

Nextcloud server is an open source personal cloud product. Affected versions of this package are vulnerable to Information Exposure which fails to strip the Authorization header on HTTP downgrade. This can lead to account access exposure and compromise. It is recommended that the Nextcloud Server is upgraded to 23.0.7 or 24.0.3. It is recommended that the Nextcloud Enterprise Server is upgraded to 22.2.11, 23.0.7 or 24.0.3. There are no known workarounds for this issue.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Nextcloud	Nextcloud Server Nextcloud Enterprise Server

Configuration 1 [-]

OR	cpe:2.3:a:nextcloud:nextcloud_enterprise_server::::::::
	cpe:2.3:a:nextcloud:nextcloud_enterprise_server::::::::
	cpe:2.3:a:nextcloud:nextcloud_enterprise_server::::::::
	cpe:2.3:a:nextcloud:nextcloud_server::::::::
	cpe:2.3:a:nextcloud:nextcloud_server::::::::

References

Link	Resource
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vqgm-f748-g76v	Third Party Advisory
https://github.com/nextcloud/server/pull/32941	Patch Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: GitHub_M

Published: 2022-09-15T22:00:15

Updated: 2022-09-15T22:00:15

Reserved: 2022-07-15T00:00:00

Link: CVE-2022-36074

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-09-15T22:15:11.303

Modified: 2023-07-21T21:01:21.577

Link: CVE-2022-36074

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "security-advisories", "vendor": "nextcloud", "versions": [{"status": "affected", "version": "< 23.0.7"}, {"status": "affected", "version": ">= 24.0.0, < 24.0.3"}]}], "descriptions": [{"lang": "en", "value": "Nextcloud server is an open source personal cloud product. Affected versions of this package are vulnerable to Information Exposure which fails to strip the Authorization header on HTTP downgrade. This can lead to account access exposure and compromise. It is recommended that the Nextcloud Server is upgraded to 23.0.7 or 24.0.3. It is recommended that the Nextcloud Enterprise Server is upgraded to 22.2.11, 23.0.7 or 24.0.3. There are no known workarounds for this issue."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-09-15T22:00:15", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vqgm-f748-g76v"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/nextcloud/server/pull/32941"}], "source": {"advisory": "GHSA-vqgm-f748-g76v", "discovery": "UNKNOWN"}, "title": "Authentication headers exposed on by Nextcloud Server", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-36074", "STATE": "PUBLIC", "TITLE": "Authentication headers exposed on by Nextcloud Server"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "security-advisories", "version": {"version_data": [{"version_value": "< 23.0.7"}, {"version_value": ">= 24.0.0, < 24.0.3"}]}}]}, "vendor_name": "nextcloud"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Nextcloud server is an open source personal cloud product. Affected versions of this package are vulnerable to Information Exposure which fails to strip the Authorization header on HTTP downgrade. This can lead to account access exposure and compromise. It is recommended that the Nextcloud Server is upgraded to 23.0.7 or 24.0.3. It is recommended that the Nextcloud Enterprise Server is upgraded to 22.2.11, 23.0.7 or 24.0.3. There are no known workarounds for this issue."}]}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"}]}]}, "references": {"reference_data": [{"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vqgm-f748-g76v", "refsource": "CONFIRM", "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vqgm-f748-g76v"}, {"name": "https://github.com/nextcloud/server/pull/32941", "refsource": "MISC", "url": "https://github.com/nextcloud/server/pull/32941"}]}, "source": {"advisory": "GHSA-vqgm-f748-g76v", "discovery": "UNKNOWN"}}}}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-36074", "datePublished": "2022-09-15T22:00:15", "dateReserved": "2022-07-15T00:00:00", "dateUpdated": "2022-09-15T22:00:15", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nextcloud:nextcloud_enterprise_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "25E67FEF-5998-4CEF-95CC-7039947F763F", "versionEndExcluding": "22.2.11", "vulnerable": true}, {"criteria": "cpe:2.3:a:nextcloud:nextcloud_enterprise_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "83FDE312-401A-48C0-BFA0-F3439571CB40", "versionEndExcluding": "23.0.7", "versionStartIncluding": "23.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:nextcloud:nextcloud_enterprise_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "89DC7F6E-DF99-4A47-9038-F225EDA90298", "versionEndExcluding": "24.0.3", "versionStartIncluding": "24.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "0B33B876-3E32-47E7-A6F0-E23A09AC2648", "versionEndExcluding": "23.0.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "498C4D8E-C26E-4D82-BFDB-3CC84C188714", "versionEndExcluding": "24.0.3", "versionStartIncluding": "24.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Nextcloud server is an open source personal cloud product. Affected versions of this package are vulnerable to Information Exposure which fails to strip the Authorization header on HTTP downgrade. This can lead to account access exposure and compromise. It is recommended that the Nextcloud Server is upgraded to 23.0.7 or 24.0.3. It is recommended that the Nextcloud Enterprise Server is upgraded to 22.2.11, 23.0.7 or 24.0.3. There are no known workarounds for this issue."}, {"lang": "es", "value": "Nextcloud server es un producto de nube personal de c\u00f3digo abierto. Las versiones afectadas de este paquete son vulnerables a una Exposici\u00f3n de Informaci\u00f3n que falla al eliminar el encabezado de autorizaci\u00f3n en el descenso de HTTP. Esto puede conllevar a una exposici\u00f3n del acceso a la cuenta y su compromiso. Es recomendado actualizar el servidor Nextcloud a versi\u00f3n 23.0.7 o 24.0.3. Es recomendado que Nextcloud Enterprise Server sea actualizado a versi\u00f3n 22.2.11, 23.0.7 o 24.0.3. No se presentan mitigaciones conocidas para este problema"}], "id": "CVE-2022-36074", "lastModified": "2023-07-21T21:01:21.577", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.2, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2022-09-15T22:15:11.303", "references": [{"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vqgm-f748-g76v"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/nextcloud/server/pull/32941"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-200"}], "source": "security-advisories@github.com", "type": "Secondary"}]}