Improper Restriction of Excessive Authentication Attempts in Nextcloud Server and Enterprise Server
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2023-45148 |
| CWE-ID | CWE-307 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Nextcloud Enterprise Server Client/Desktop applications / Messaging software Nextcloud Server Client/Desktop applications / Messaging software |
| Vendor | Nextcloud |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Improper Restriction of Excessive Authentication Attempts
EUVDB-ID: #VU82071
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-45148
CWE-ID:
CWE-307 - Improper Restriction of Excessive Authentication Attempts
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to improper rate limiter when Memcached is installed. A remote user can cause the rate limiting in Nextcloud Server could be reset unexpectedly resetting the rate count earlier than intended.
MitigationInstall updates from vendor's website.
Vulnerable software versionsNextcloud Enterprise Server: 22.0.0 - 27.0.2
Nextcloud Server: 25.0.0 - 27.0.2
External linkshttp://github.com/nextcloud/server/pull/40293
http://hackerone.com/reports/2110945
http://github.com/nextcloud/security-advisories/security/advisories/GHSA-xmhp-7vr4-hp63
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
