CVE-2023-45660 - OpenCVE

Nextcloud mail is an email app for the Nextcloud home server platform. In affected versions a missing check of origin, target and cookies allows for an attacker to abuse the proxy endpoint to denial of service a third server. It is recommended that the Nextcloud Mail is upgraded to 2.2.8 or 3.3.0. There are no known workarounds for this vulnerability.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Nextcloud	Mail

Configuration 1 [-]

OR	cpe:2.3:a:nextcloud:mail::::::::
	cpe:2.3:a:nextcloud:mail::::::::

No data.

References

Link	Providers
https://github.com/nextcloud/mail/pull/8459
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8j9x-fmww-qr37
https://hackerone.com/reports/1895874

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-10-16T18:32:00.486Z

Updated: 2024-09-13T19:36:36.050Z

Reserved: 2023-10-10T14:36:40.859Z

Link: CVE-2023-45660

Vulnrichment

Updated: 2024-08-02T20:21:16.890Z

NVD

Status : Analyzed

Published: 2023-10-16T19:15:11.060

Modified: 2023-10-20T12:18:07.003

Link: CVE-2023-45660

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-45660", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-10-10T14:36:40.859Z", "datePublished": "2023-10-16T18:32:00.486Z", "dateUpdated": "2024-09-13T19:36:36.050Z"}, "containers": {"cna": {"title": "Require strict cookies for image proxy requests in Nextcloud Mail", "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "lang": "en", "description": "CWE-918: Server-Side Request Forgery (SSRF)", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8j9x-fmww-qr37", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8j9x-fmww-qr37"}, {"name": "https://github.com/nextcloud/mail/pull/8459", "tags": ["x_refsource_MISC"], "url": "https://github.com/nextcloud/mail/pull/8459"}, {"name": "https://hackerone.com/reports/1895874", "tags": ["x_refsource_MISC"], "url": "https://hackerone.com/reports/1895874"}], "affected": [{"vendor": "nextcloud", "product": "security-advisories", "versions": [{"version": ">= 2.0.0, < 2.2.8", "status": "affected"}, {"version": ">= 3.0.0, < 3.3.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-10-16T18:32:00.486Z"}, "descriptions": [{"lang": "en", "value": "Nextcloud mail is an email app for the Nextcloud home server platform. In affected versions a missing check of origin, target and cookies allows for an attacker to abuse the proxy endpoint to denial of service a third server. It is recommended that the Nextcloud Mail is upgraded to 2.2.8 or 3.3.0. There are no known workarounds for this vulnerability."}], "source": {"advisory": "GHSA-8j9x-fmww-qr37", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T20:21:16.890Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8j9x-fmww-qr37", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8j9x-fmww-qr37"}, {"name": "https://github.com/nextcloud/mail/pull/8459", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/nextcloud/mail/pull/8459"}, {"name": "https://hackerone.com/reports/1895874", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://hackerone.com/reports/1895874"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-13T19:22:39.279370Z", "id": "CVE-2023-45660", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-13T19:36:36.050Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8j9x-fmww-qr37", "name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8j9x-fmww-qr37", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/nextcloud/mail/pull/8459", "name": "https://github.com/nextcloud/mail/pull/8459", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://hackerone.com/reports/1895874", "name": "https://hackerone.com/reports/1895874", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T20:21:16.890Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-45660", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-13T19:22:39.279370Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-13T19:36:16.109Z"}}], "cna": {"title": "Require strict cookies for image proxy requests in Nextcloud Mail", "source": {"advisory": "GHSA-8j9x-fmww-qr37", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "nextcloud", "product": "security-advisories", "versions": [{"status": "affected", "version": ">= 2.0.0, < 2.2.8"}, {"status": "affected", "version": ">= 3.0.0, < 3.3.0"}]}], "references": [{"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8j9x-fmww-qr37", "name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8j9x-fmww-qr37", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/nextcloud/mail/pull/8459", "name": "https://github.com/nextcloud/mail/pull/8459", "tags": ["x_refsource_MISC"]}, {"url": "https://hackerone.com/reports/1895874", "name": "https://hackerone.com/reports/1895874", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Nextcloud mail is an email app for the Nextcloud home server platform. In affected versions a missing check of origin, target and cookies allows for an attacker to abuse the proxy endpoint to denial of service a third server. It is recommended that the Nextcloud Mail is upgraded to 2.2.8 or 3.3.0. There are no known workarounds for this vulnerability."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "CWE-918: Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-10-16T18:32:00.486Z"}}}, "cveMetadata": {"cveId": "CVE-2023-45660", "state": "PUBLISHED", "dateUpdated": "2024-09-13T19:36:36.050Z", "dateReserved": "2023-10-10T14:36:40.859Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2023-10-16T18:32:00.486Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nextcloud:mail:*:*:*:*:*:*:*:*", "matchCriteriaId": "C39C0C2A-42B6-406A-83E6-F27F6D7A51EA", "versionEndExcluding": "2.2.8", "versionStartIncluding": "2.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:nextcloud:mail:*:*:*:*:*:*:*:*", "matchCriteriaId": "98F3704F-323A-4BC4-BC5F-259C8648CB97", "versionEndExcluding": "3.3.0", "versionStartIncluding": "3.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Nextcloud mail is an email app for the Nextcloud home server platform. In affected versions a missing check of origin, target and cookies allows for an attacker to abuse the proxy endpoint to denial of service a third server. It is recommended that the Nextcloud Mail is upgraded to 2.2.8 or 3.3.0. There are no known workarounds for this vulnerability."}, {"lang": "es", "value": "Nextcloud mail es una aplicaci\u00f3n de correo electr\u00f3nico para la plataforma de servidor dom\u00e9stico Nextcloud. En las versiones afectadas, la falta de verificaci\u00f3n de origen, destino y cookies permite a un atacante abusar del endpoint del proxy para negar el servicio a un tercer servidor. Se recomienda actualizar Nextcloud Mail a 2.2.8 o 3.3.0. No se conocen workarounds para esta vulnerabilidad."}], "id": "CVE-2023-45660", "lastModified": "2023-10-20T12:18:07.003", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2023-10-16T19:15:11.060", "references": [{"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/nextcloud/mail/pull/8459"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8j9x-fmww-qr37"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://hackerone.com/reports/1895874"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "security-advisories@github.com", "type": "Primary"}]}