Nextcloud Server CVE202325820: BruteForce Confirm (25.0.4/24.0.10)
CVE-2023-25820 Published on March 22, 2023

Nextcloud Server and Enterprise Server missing brute force protection on password confirmation modal
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform, and Nextcloud Enterprise Server is the enterprise version of the file server software. In Nextcloud Server versions 25.0.x prior to 25.0.5 and versions 24.0.x prior to 24.0.10 as well as Nextcloud Enterprise Server versions 25.0.x prior to 25.0.4, 24.0.x prior to 24.0.10, 23.0.x prior to 23.0.12.5, 22.x prior to 22.2.0.10, and 21.x prior to 21.0.9.10, when an attacker gets access to an already logged in user session they can then brute force the password on the confirmation endpoint. Nextcloud Server should upgraded to 24.0.10 or 25.0.4 and Nextcloud Enterprise Server should upgraded to 21.0.9.10, 22.2.10.10, 23.0.12.5, 24.0.10, or 25.0.4 to receive a patch. No known workarounds are available.

NVD

Vulnerability Analysis

CVE-2023-25820 is exploitable with local system access, requires user interaction and a small amount of user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be low. considered to have a small impact on confidentiality and integrity and availability.

Attack Vector:

LOCAL

Attack Complexity:

HIGH

Privileges Required:

LOW

User Interaction:

REQUIRED

Scope:

UNCHANGED

Confidentiality Impact:

LOW

Integrity Impact:

LOW

Availability Impact:

LOW

Weakness Type

Improper Restriction of Excessive Authentication Attempts

The software does not implement sufficient measures to prevent multiple failed authentication attempts within in a short time frame, making it more susceptible to brute force attacks.

Products Associated with CVE-2023-25820

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-25820 are published in these products:

Nextcloud Server

Affected Versions

nextcloud security-advisories:

Version Nextcloud Server >= 24.0.0, < 24.0.10 is affected.
Version Nextcloud Server >= 25.0.0, < 25.0.4 is affected.
Version Nextcloud Enterprise Server >= 25.0.0, < 25.0.4 is affected.
Version Nextcloud Enterprise Server >= 24.0.0, < 24.0.10 is affected.
Version Nextcloud Enterprise Server >= 23.0.0, < 23.0.12.5 is affected.
Version Nextcloud Enterprise Server >= 22.0.0, < 22.2.10.10 is affected.
Version Nextcloud Enterprise Server >= 21.0.0, < 21.0.9.10 is affected.

Exploit Probability

EPSS

0.14%

Percentile

34.68%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.