Insufficiently protected credentials in Nextcloud Server - CVE-2019-17393
Published: October 18, 2019 / Updated: August 8, 2020
Vulnerability identifier: #VU35148
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2019-17393
CWE-ID: CWE-522
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Nextcloud
Affected software:
Nextcloud Server
Nextcloud Server
Detailed vulnerability description
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
The Customer's Tomedo Server in Version 1.7.3 communicates to the Vendor Tomedo Server via HTTP (in cleartext) that can be sniffed by unauthorized actors. Basic authentication is used for the authentication, making it possible to base64 decode the sniffed credentials and discover the username and password.
How to mitigate CVE-2019-17393
Install update from vendor's website.