Unauthorized File Disclosure via Collabora Integration in Nextcloud Office <7.0.2
CVE-2023-25150 Published on February 8, 2023
Document content of files can be obtained through Collabora for files of other users
Nextcloud office/richdocuments is an office suit for the nextcloud server platform. In affected versions the Collabora integration can be tricked to provide access to any file without proper permission validation. As a result any user with access to Collabora can obtain the content of other users files. It is recommended that the Nextcloud Office App (Collabora Integration) is updated to 7.0.2 (Nextcloud 25), 6.3.2 (Nextcloud 24), 5.0.10 (Nextcloud 23), 4.2.9 (Nextcloud 21-22), or 3.8.7 (Nextcloud 15-20). There are no known workarounds for this issue.
Vulnerability Analysis
CVE-2023-25150 is exploitable with network access, requires user interaction and a small amount of user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Weakness Type
What is an Authorization Vulnerability?
The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CVE-2023-25150 has been classified to as an Authorization vulnerability or weakness.
Products Associated with CVE-2023-25150
Want to know whenever a new CVE is published for Nextcloud Richdocuments? stack.watch will email you.
Affected Versions
nextcloud security-advisories:- Version < 3.8.7 is affected.
- Version >= 4.0.0, < 4.2.9 is affected.
- Version >= 5.0.0, < 5.0.10 is affected.
- Version >= 6.0.0, < 6.3.2 is affected.
- Version >= 7.0.0, < 7.0.2 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.