CVE-2023-39953 - OpenCVE

user_oidc provides the OIDC connect user backend for Nextcloud, an open-source cloud platform. Starting in version 1.0.0 and prior to version 1.3.3, missing verification of the issuer would have allowed an attacker to perform a man-in-the-middle attack returning corrupted or known token they also have access to. user_oidc 1.3.3 contains a patch. No known workarounds are available.

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Nextcloud	User Oidc

Configuration 1 [-]

cpe:2.3:a:nextcloud:user_oidc:*:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-xx3h-v363-q36j	Patch Vendor Advisory
https://github.com/nextcloud/user_oidc/pull/642	Patch
https://hackerone.com/reports/2021684	Permissions Required

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-08-10T13:55:19.957Z

Updated: 2023-08-10T13:55:19.957Z

Reserved: 2023-08-07T16:27:27.075Z

Link: CVE-2023-39953

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-08-10T14:15:15.370

Modified: 2023-08-16T19:10:58.313

Link: CVE-2023-39953

JSON object: View

Redhat Information

No data.

CWE

CWE-303

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nextcloud:user_oidc:*:*:*:*:*:*:*:*", "matchCriteriaId": "97E08567-1AEA-413F-A59D-C80E63DD58BB", "versionEndExcluding": "1.3.3", "versionStartIncluding": "1.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "user_oidc provides the OIDC connect user backend for Nextcloud, an open-source cloud platform. Starting in version 1.0.0 and prior to version 1.3.3, missing verification of the issuer would have allowed an attacker to perform a man-in-the-middle attack returning corrupted or known token they also have access to. user_oidc 1.3.3 contains a patch. No known workarounds are available."}], "id": "CVE-2023-39953", "lastModified": "2023-08-16T19:10:58.313", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 2.5, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2023-08-10T14:15:15.370", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-xx3h-v363-q36j"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/nextcloud/user_oidc/pull/642"}, {"source": "security-advisories@github.com", "tags": ["Permissions Required"], "url": "https://hackerone.com/reports/2021684"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-303"}], "source": "security-advisories@github.com", "type": "Primary"}]}