Nextcloud User Oidc

Nextcloud User OIDC App Open Redirect Vulnerability
CVE-2024-52512 6.1 - Medium - November 15, 2024

user_oidc app is an OpenID Connect user backend for Nextcloud. A malicious user could send a malformed login link that would redirect the user to a provided URL after successfully authenticating. It is recommended that the Nextcloud User OIDC app is upgraded to 6.1.0.

Nextcloud user_oidc OIDC signing bypass pre-1.3.5/2.0.0/3.0.0/4.0.0/5.0.0 (CVE-2024-37886)
CVE-2024-37886 4.7 - Medium - June 14, 2024

user_oidc app is an OpenID Connect user backend for Nextcloud. An attacker could potentially trick the app into accepting a request that is not signed by the correct server. It is recommended that the Nextcloud user_oidc app is upgraded to 1.3.5, 2.0.0, 3.0.0, 4.0.0 or 5.0.0.

Nextcloud user_oidc Missing AC on ID4me (Before 3.0.0) ID4me open registration
CVE-2024-37312 6.3 - Medium - June 14, 2024

user_oidc app is an OpenID Connect user backend for Nextcloud. Missing access control on the ID4me endpoint allows an attacker to register an account eventually getting access to data that is available to all registered users. It is recommended that the OpenID Connect user backend is upgraded to 3.0.0 (Nextcloud 20-23), 4.0.0 (Nexcloud 24) or 5.0.0 (Nextcloud 25-28).

Nextcloud user_oidc 1.0.01.3.2 Impersonation via DB Snapshot (CVE202339954)
CVE-2023-39954 8.1 - High - August 10, 2023

user_oidc provides the OIDC connect user backend for Nextcloud, an open-source cloud platform. Starting in version 1.0.0 and prior to version 1.3.3, an attacker that obtained at least read access to a snapshot of the database can impersonate the Nextcloud server towards linked servers. user_oidc 1.3.3 contains a patch. No known workarounds are available.

Missing Encryption of Sensitive Data

Nextcloud OIDC Connect user_oidc OID issuer verification flaw v1.0.0-1.3.2
CVE-2023-39953 4.8 - Medium - August 10, 2023

user_oidc provides the OIDC connect user backend for Nextcloud, an open-source cloud platform. Starting in version 1.0.0 and prior to version 1.3.3, missing verification of the issuer would have allowed an attacker to perform a man-in-the-middle attack returning corrupted or known token they also have access to. user_oidc 1.3.3 contains a patch. No known workarounds are available.

Incorrect Implementation of Authentication Algorithm

Nextcloud user_oidc Auth Bypass Before 1.3.2
CVE-2023-32074 9.8 - Critical - May 25, 2023

user_oidc app is an OpenID Connect user backend for Nextcloud. Authentication can be broken/bypassed in user_oidc app. It is recommended that the Nextcloud user_oidc app is upgraded to 1.3.2

Improper Restriction of Excessive Authentication Attempts

Nextcloud user_oidc <1.3: OIDC State Token Bypass
CVE-2023-28848 5.4 - Medium - April 04, 2023

user_oidc is the OIDC connect user backend for Nextcloud, an open source collaboration platform. A vulnerability in versions 1.0.0 until 1.3.0 effectively allowed an attacker to bypass the state protection as they could just copy the expected state token from the first request to their second request. Users should upgrade user_oidc to 1.3.0 to receive a patch for the issue. No known workarounds are available.

Session Riding