CVE-2023-45660 - OpenCVE

Nextcloud mail is an email app for the Nextcloud home server platform. In affected versions a missing check of origin, target and cookies allows for an attacker to abuse the proxy endpoint to denial of service a third server. It is recommended that the Nextcloud Mail is upgraded to 2.2.8 or 3.3.0. There are no known workarounds for this vulnerability.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Nextcloud	Mail

Configuration 1 [-]

OR	cpe:2.3:a:nextcloud:mail::::::::
	cpe:2.3:a:nextcloud:mail::::::::

References

Link	Resource
https://github.com/nextcloud/mail/pull/8459	Issue Tracking Patch
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8j9x-fmww-qr37	Vendor Advisory
https://hackerone.com/reports/1895874	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-10-16T18:32:00.486Z

Updated: 2023-10-16T18:32:00.486Z

Reserved: 2023-10-10T14:36:40.859Z

Link: CVE-2023-45660

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-10-16T19:15:11.060

Modified: 2023-10-20T12:18:07.003

Link: CVE-2023-45660

JSON object: View

Redhat Information

No data.

CWE

CWE-918

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-45660", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-10-10T14:36:40.859Z", "datePublished": "2023-10-16T18:32:00.486Z", "dateUpdated": "2023-10-16T18:32:00.486Z"}, "containers": {"cna": {"title": "Require strict cookies for image proxy requests in Nextcloud Mail", "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "lang": "en", "description": "CWE-918: Server-Side Request Forgery (SSRF)", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8j9x-fmww-qr37", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8j9x-fmww-qr37"}, {"name": "https://github.com/nextcloud/mail/pull/8459", "tags": ["x_refsource_MISC"], "url": "https://github.com/nextcloud/mail/pull/8459"}, {"name": "https://hackerone.com/reports/1895874", "tags": ["x_refsource_MISC"], "url": "https://hackerone.com/reports/1895874"}], "affected": [{"vendor": "nextcloud", "product": "security-advisories", "versions": [{"version": ">= 2.0.0, < 2.2.8", "status": "affected"}, {"version": ">= 3.0.0, < 3.3.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-10-16T18:32:00.486Z"}, "descriptions": [{"lang": "en", "value": "Nextcloud mail is an email app for the Nextcloud home server platform. In affected versions a missing check of origin, target and cookies allows for an attacker to abuse the proxy endpoint to denial of service a third server. It is recommended that the Nextcloud Mail is upgraded to 2.2.8 or 3.3.0. There are no known workarounds for this vulnerability."}], "source": {"advisory": "GHSA-8j9x-fmww-qr37", "discovery": "UNKNOWN"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nextcloud:mail:*:*:*:*:*:*:*:*", "matchCriteriaId": "C39C0C2A-42B6-406A-83E6-F27F6D7A51EA", "versionEndExcluding": "2.2.8", "versionStartIncluding": "2.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:nextcloud:mail:*:*:*:*:*:*:*:*", "matchCriteriaId": "98F3704F-323A-4BC4-BC5F-259C8648CB97", "versionEndExcluding": "3.3.0", "versionStartIncluding": "3.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Nextcloud mail is an email app for the Nextcloud home server platform. In affected versions a missing check of origin, target and cookies allows for an attacker to abuse the proxy endpoint to denial of service a third server. It is recommended that the Nextcloud Mail is upgraded to 2.2.8 or 3.3.0. There are no known workarounds for this vulnerability."}, {"lang": "es", "value": "Nextcloud mail es una aplicaci\u00f3n de correo electr\u00f3nico para la plataforma de servidor dom\u00e9stico Nextcloud. En las versiones afectadas, la falta de verificaci\u00f3n de origen, destino y cookies permite a un atacante abusar del endpoint del proxy para negar el servicio a un tercer servidor. Se recomienda actualizar Nextcloud Mail a 2.2.8 o 3.3.0. No se conocen workarounds para esta vulnerabilidad."}], "id": "CVE-2023-45660", "lastModified": "2023-10-20T12:18:07.003", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2023-10-16T19:15:11.060", "references": [{"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/nextcloud/mail/pull/8459"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8j9x-fmww-qr37"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://hackerone.com/reports/1895874"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "security-advisories@github.com", "type": "Primary"}]}