Nextcloud Server 24.0.9: PrivEsc to Unauthorized File Deletion
CVE-2023-25817 Published on March 27, 2023

Delete permissions are not saved when creating public share in Nextcloud server
Nextcloud server is an open source, personal cloud implementation. In versions from 24.0.0 and before 24.0.9 a user could escalate their permissions to delete files they were not supposed to deletable but only viewed or downloaded. This issue has been addressed andit is recommended that the Nextcloud Server is upgraded to 24.0.9. There are no known workarounds for this vulnerability.

NVD

Vulnerability Analysis

CVE-2023-25817 can be exploited with network access, requires user interaction and a small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a small impact on availability.

Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
LOW
User Interaction:
REQUIRED
Scope:
UNCHANGED
Confidentiality Impact:
NONE
Integrity Impact:
NONE
Availability Impact:
LOW

Weakness Type

Improper Preservation of Permissions

The software does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.


Products Associated with CVE-2023-25817

stack.watch emails you whenever new vulnerabilities are published in Nextcloud Server or Nextcloud. Just hit a watch button to start following.

Nextcloud Server
 
Nextcloud
 

Affected Versions

nextcloud security-advisories Version >= 24.0.0, < 24.0.9 is affected by CVE-2023-25817

Exploit Probability

EPSS
0.12%
Percentile
31.52%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.