CVE-2023-28835

Nextcloud server is an open source home cloud implementation. In affected versions the generated fallback password when creating a share was using a weak complexity random number generator, so when the sharer did not change it the password could be guessable to an attacker willing to brute force it. It is recommended that the Nextcloud Server is upgraded to 24.0.10 or 25.0.4. This issue only affects users who do not have a password policy enabled, so enabling a password policy is an effective mitigation for users unable to upgrade.

CVSS v3.0 7.5 HIGH

7.5^/10

CVSS v3.0 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/nextcloud/server/pull/36093	Issue Tracking Patch
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-7w2p-rp9m-9xp9	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:nextcloud:nextcloud_server:::::enterprise:::*
	cpe:2.3:a:nextcloud:nextcloud_server:::::enterprise:::*
	cpe:2.3:a:nextcloud:nextcloud_server:::::-:::*
	cpe:2.3:a:nextcloud:nextcloud_server:::::-:::*
	cpe:2.3:a:nextcloud:nextcloud_server:::::enterprise:::*

History

07 Apr 2023, 15:02

Type	Values Removed	Values Added
CPE		cpe:2.3:a:nextcloud:nextcloud_server:::::enterprise:::* cpe:2.3:a:nextcloud:nextcloud_server:::::-:::*
References	~~(MISC) https://github.com/nextcloud/server/pull/36093 -~~	(MISC) https://github.com/nextcloud/server/pull/36093 - Issue Tracking, Patch
References	~~(MISC) https://github.com/nextcloud/security-advisories/security/advisories/GHSA-7w2p-rp9m-9xp9 -~~	(MISC) https://github.com/nextcloud/security-advisories/security/advisories/GHSA-7w2p-rp9m-9xp9 - Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.5
First Time		Nextcloud nextcloud Server Nextcloud

Information

Published : 2023-03-30 19:15

Updated : 2023-04-07 15:02

NVD link : CVE-2023-28835

Mitre link : CVE-2023-28835

JSON object : View

Products Affected

nextcloud

nextcloud_server

CWE

CWE-338

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/nextcloud/server/pull/36093", "name": "https://github.com/nextcloud/server/pull/36093", "tags": ["Issue Tracking", "Patch"], "refsource": "MISC"}, {"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-7w2p-rp9m-9xp9", "name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-7w2p-rp9m-9xp9", "tags": ["Vendor Advisory"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Nextcloud server is an open source home cloud implementation. In affected versions the generated fallback password when creating a share was using a weak complexity random number generator, so when the sharer did not change it the password could be guessable to an attacker willing to brute force it. It is recommended that the Nextcloud Server is upgraded to 24.0.10 or 25.0.4. This issue only affects users who do not have a password policy enabled, so enabling a password policy is an effective mitigation for users unable to upgrade."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-338"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2023-28835", "ASSIGNER": "security-advisories@github.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}}, "publishedDate": "2023-03-30T19:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "25.0.4", "versionStartIncluding": "25.0.0"}, {"cpe23Uri": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "24.0.10", "versionStartIncluding": "24.0.0"}, {"cpe23Uri": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:-:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "24.0.10", "versionStartIncluding": "24.0.0"}, {"cpe23Uri": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:-:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "25.0.4", "versionStartIncluding": "25.0.0"}, {"cpe23Uri": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "23.0.14", "versionStartIncluding": "23.0.0"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2023-04-07T15:02Z"}