CVE-2024-37317 - Vulnerability Details - OpenCVE

The Nextcloud Notes app is a distraction free notes taking app for Nextcloud. If an attacker managed to share a folder called `Notes/` with a newly created user before they logged in, the Notes app would use that folder store the personal notes. It is recommended that the Nextcloud Notes app is upgraded to 4.9.3.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00089.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Nextcloud	Notes

Configuration 1 [-]

cpe:2.3:a:nextcloud:notes:*:*:*:*:*:nextcloud:*:*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2024-36575	The Nextcloud Notes app is a distraction free notes taking app for Nextcloud. If an attacker managed to share a folder called `Notes/` with a newly created user before they logged in, the Notes app would use that folder store the personal notes. It is recommended that the Nextcloud Notes app is upgraded to 4.9.3.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://github.com/nextcloud/notes/pull/1260
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wfqv-cx85-7rjx
https://hackerone.com/reports/2254151

History

Mon, 19 Aug 2024 16:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Nextcloud Nextcloud notes
Weaknesses		CWE-862
CPEs		cpe:2.3:a:nextcloud:notes::::::nextcloud::*
Vendors & Products		Nextcloud Nextcloud notes

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-06-14T15:25:24.475Z

Updated: 2024-08-02T03:50:55.961Z

Reserved: 2024-06-05T20:10:46.498Z

Link: CVE-2024-37317

Vulnrichment

Updated: 2024-06-14T16:57:03.587Z

NVD

Status : Modified

Published: 2024-06-14T16:15:11.960

Modified: 2024-11-21T09:23:35.997

Link: CVE-2024-37317

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-37317", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-06-05T20:10:46.498Z", "datePublished": "2024-06-14T15:25:24.475Z", "dateUpdated": "2024-08-02T03:50:55.961Z"}, "containers": {"cna": {"title": "Nextcloud Notes app can be tricked into using a received share created before the user logged in", "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "lang": "en", "description": "CWE-284: Improper Access Control", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wfqv-cx85-7rjx", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wfqv-cx85-7rjx"}, {"name": "https://github.com/nextcloud/notes/pull/1260", "tags": ["x_refsource_MISC"], "url": "https://github.com/nextcloud/notes/pull/1260"}, {"name": "https://hackerone.com/reports/2254151", "tags": ["x_refsource_MISC"], "url": "https://hackerone.com/reports/2254151"}], "affected": [{"vendor": "nextcloud", "product": "security-advisories", "versions": [{"version": ">= 4.6.0, < 4.9.3", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-06-14T15:25:24.475Z"}, "descriptions": [{"lang": "en", "value": "The Nextcloud Notes app is a distraction free notes taking app for Nextcloud. If an attacker managed to share a folder called `Notes/` with a newly created user before they logged in, the Notes app would use that folder store the personal notes. It is recommended that the Nextcloud Notes app is upgraded to 4.9.3."}], "source": {"advisory": "GHSA-wfqv-cx85-7rjx", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-14T16:56:59.491277Z", "id": "CVE-2024-37317", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-14T16:57:05.962Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:50:55.961Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wfqv-cx85-7rjx", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wfqv-cx85-7rjx"}, {"name": "https://github.com/nextcloud/notes/pull/1260", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/nextcloud/notes/pull/1260"}, {"name": "https://hackerone.com/reports/2254151", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://hackerone.com/reports/2254151"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-37317", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-14T16:56:59.491277Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-14T16:57:03.587Z"}}], "cna": {"title": "Nextcloud Notes app can be tricked into using a received share created before the user logged in", "source": {"advisory": "GHSA-wfqv-cx85-7rjx", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.6, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "nextcloud", "product": "security-advisories", "versions": [{"status": "affected", "version": ">= 4.6.0, < 4.9.3"}]}], "references": [{"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wfqv-cx85-7rjx", "name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wfqv-cx85-7rjx", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/nextcloud/notes/pull/1260", "name": "https://github.com/nextcloud/notes/pull/1260", "tags": ["x_refsource_MISC"]}, {"url": "https://hackerone.com/reports/2254151", "name": "https://hackerone.com/reports/2254151", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "The Nextcloud Notes app is a distraction free notes taking app for Nextcloud. If an attacker managed to share a folder called `Notes/` with a newly created user before they logged in, the Notes app would use that folder store the personal notes. It is recommended that the Nextcloud Notes app is upgraded to 4.9.3."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "CWE-284: Improper Access Control"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-06-14T15:25:24.475Z"}}}, "cveMetadata": {"cveId": "CVE-2024-37317", "state": "PUBLISHED", "dateUpdated": "2024-06-14T16:57:05.962Z", "dateReserved": "2024-06-05T20:10:46.498Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-06-14T15:25:24.475Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nextcloud:notes:*:*:*:*:*:nextcloud:*:*", "matchCriteriaId": "E2A24E4C-43C7-4799-9C22-8CD82C579B49", "versionEndExcluding": "4.9.3", "versionStartIncluding": "4.6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Nextcloud Notes app is a distraction free notes taking app for Nextcloud. If an attacker managed to share a folder called `Notes/` with a newly created user before they logged in, the Notes app would use that folder store the personal notes. It is recommended that the Nextcloud Notes app is upgraded to 4.9.3."}, {"lang": "es", "value": "La aplicaci\u00f3n Nextcloud Notes es una aplicaci\u00f3n para tomar notas sin distracciones para Nextcloud. Si un atacante lograba compartir una carpeta llamada `Notas/` con un usuario reci\u00e9n creado antes de iniciar sesi\u00f3n, la aplicaci\u00f3n Notas usar\u00eda esa carpeta para almacenar las notas personales. Se recomienda actualizar la aplicaci\u00f3n Nextcloud Notes a 4.9.3."}], "id": "CVE-2024-37317", "lastModified": "2024-11-21T09:23:35.997", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.4, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-06-14T16:15:11.960", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/nextcloud/notes/pull/1260"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wfqv-cx85-7rjx"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking"], "url": "https://hackerone.com/reports/2254151"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/nextcloud/notes/pull/1260"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wfqv-cx85-7rjx"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://hackerone.com/reports/2254151"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}]}