#VU74118 Improper Preservation of Permissions in Nextcloud Server and Nextcloud Enterprise Server - CVE-2023-25817

Cybersecurity Help s.r.o.

Published: 2023-03-28

Vulnerability identifier: #VU74118

Vulnerability risk: Low

CVSSv4.0: 0.4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-25817

CWE-ID: CWE-281

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Nextcloud Server
Client/Desktop applications / Messaging software
Nextcloud Enterprise Server
Client/Desktop applications / Messaging software

Vendor: Nextcloud

Description

The vulnerability allows a remote attacker to compromise the system.

The vulnerability exists due to improper preservation of permissions. A remote user can delete files they are not supposed to deletable but only viewed or downloaded.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Nextcloud Server: 24.0.0 - 24.0.8

Nextcloud Enterprise Server: 24.0.0 - 24.0.8

External links
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8v5c-f752-fgpv
https://github.com/nextcloud/server/pull/33941

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Improper Preservation of Permissions in Nextcloud Server and Enterprise Server