Nextcloud Server 24.0.0-24.0.6/25.0.0-25.0.4 API Data Path Disclosure
CVE-2023-28834 Published on April 3, 2023
Full path of data directory exposed to Nextcloud server users
Nextcloud Server is an open source personal cloud server. Nextcloud Server 24.0.0 until 24.0.6 and 25.0.0 until 25.0.4, as well as Nextcloud Enterprise Server 23.0.0 until 23.0.11, 24.0.0 until 24.0.6, and 25.0.0 until 25.0.4, have an information disclosure vulnerability. A user was able to get the full data directory path of the Nextcloud server from an API endpoint. By itself this information is not problematic as it can also be guessed for most common setups, but it could speed up other unknown attacks in the future if the information is known. Nextcloud Server 24.0.6 and 25.0.4 and Nextcloud Enterprise Server 23.0.11, 24.0.6, and 25.0.4 contain patches for this issue. There are no known workarounds.
Vulnerability Analysis
CVE-2023-28834 is exploitable with network access, requires user interaction and a small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity and availability.
Weakness Type
Improper Removal of Sensitive Information Before Storage or Transfer
The product stores, transfers, or shares a resource that contains sensitive information, but it does not properly remove that information before the product makes the resource available to unauthorized actors.
Products Associated with CVE-2023-28834
stack.watch emails you whenever new vulnerabilities are published in Nextcloud Server or Nextcloud. Just hit a watch button to start following.
Affected Versions
nextcloud security-advisories:- Version >= 23.0.0, < 23.0.14 is affected.
- Version >= 24.0.0, < 24.0.10 is affected.
- Version >= 25.0.0, < 25.0.4 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.