CVE-2024-37886 - Vulnerability Details - OpenCVE

user_oidc app is an OpenID Connect user backend for Nextcloud. An attacker could potentially trick the app into accepting a request that is not signed by the correct server. It is recommended that the Nextcloud user_oidc app is upgraded to 1.3.5, 2.0.0, 3.0.0, 4.0.0 or 5.0.0.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00591.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Nextcloud	Nextcloud User Oidc

Configuration 1 [-]

cpe:2.3:a:nextcloud:user_oidc:*:*:*:*:*:*:*:*

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Nextcloud	Nextcloud User Oidc

Advisories

Source	ID	Title
EUVD	EUVD-2024-36870	user_oidc app is an OpenID Connect user backend for Nextcloud. An attacker could potentially trick the app into accepting a request that is not signed by the correct server. It is recommended that the Nextcloud user_oidc app is upgraded to 1.3.5, 2.0.0, 3.0.0, 4.0.0 or 5.0.0.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vw5h-29xf-g55g
https://github.com/nextcloud/user_oidc/pull/715
https://hackerone.com/reports/1878391

History

Thu, 14 Aug 2025 19:15:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:a:nextcloud:user_oidc::::::::

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-06-14T15:45:12.913Z

Updated: 2024-08-02T03:57:40.025Z

Reserved: 2024-06-10T19:54:41.360Z

Link: CVE-2024-37886

Vulnrichment

Updated: 2024-06-15T20:26:23.078Z

NVD

Status : Analyzed

Published: 2024-06-14T16:15:13.800

Modified: 2025-08-14T19:03:04.897

Link: CVE-2024-37886

Redhat

No data.

OpenCVE Enrichment

Updated: 2025-07-12T22:00:46Z

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-37886", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-06-10T19:54:41.360Z", "datePublished": "2024-06-14T15:45:12.913Z", "dateUpdated": "2024-08-02T03:57:40.025Z"}, "containers": {"cna": {"title": "Nextcloud user_oidc's ID4me does not validate signature or expiration", "problemTypes": [{"descriptions": [{"cweId": "CWE-347", "lang": "en", "description": "CWE-347: Improper Verification of Cryptographic Signature", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vw5h-29xf-g55g", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vw5h-29xf-g55g"}, {"name": "https://github.com/nextcloud/user_oidc/pull/715", "tags": ["x_refsource_MISC"], "url": "https://github.com/nextcloud/user_oidc/pull/715"}, {"name": "https://hackerone.com/reports/1878391", "tags": ["x_refsource_MISC"], "url": "https://hackerone.com/reports/1878391"}], "affected": [{"vendor": "nextcloud", "product": "security-advisories", "versions": [{"version": "< 1.3.5", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-06-14T15:45:12.913Z"}, "descriptions": [{"lang": "en", "value": "user_oidc app is an OpenID Connect user backend for Nextcloud. An attacker could potentially trick the app into accepting a request that is not signed by the correct server. It is recommended that the Nextcloud user_oidc app is upgraded to 1.3.5, 2.0.0, 3.0.0, 4.0.0 or 5.0.0."}], "source": {"advisory": "GHSA-vw5h-29xf-g55g", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-15T20:26:07.568535Z", "id": "CVE-2024-37886", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-15T20:30:30.682Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:57:40.025Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vw5h-29xf-g55g", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vw5h-29xf-g55g"}, {"name": "https://github.com/nextcloud/user_oidc/pull/715", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/nextcloud/user_oidc/pull/715"}, {"name": "https://hackerone.com/reports/1878391", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://hackerone.com/reports/1878391"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-37886", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-15T20:26:07.568535Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-15T20:26:23.078Z"}}], "cna": {"title": "Nextcloud user_oidc's ID4me does not validate signature or expiration", "source": {"advisory": "GHSA-vw5h-29xf-g55g", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "nextcloud", "product": "security-advisories", "versions": [{"status": "affected", "version": "< 1.3.5"}]}], "references": [{"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vw5h-29xf-g55g", "name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vw5h-29xf-g55g", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/nextcloud/user_oidc/pull/715", "name": "https://github.com/nextcloud/user_oidc/pull/715", "tags": ["x_refsource_MISC"]}, {"url": "https://hackerone.com/reports/1878391", "name": "https://hackerone.com/reports/1878391", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "user_oidc app is an OpenID Connect user backend for Nextcloud. An attacker could potentially trick the app into accepting a request that is not signed by the correct server. It is recommended that the Nextcloud user_oidc app is upgraded to 1.3.5, 2.0.0, 3.0.0, 4.0.0 or 5.0.0."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-347", "description": "CWE-347: Improper Verification of Cryptographic Signature"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-06-14T15:45:12.913Z"}}}, "cveMetadata": {"cveId": "CVE-2024-37886", "state": "PUBLISHED", "dateUpdated": "2024-06-15T20:30:30.682Z", "dateReserved": "2024-06-10T19:54:41.360Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-06-14T15:45:12.913Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nextcloud:user_oidc:*:*:*:*:*:*:*:*", "matchCriteriaId": "52E0C5D0-082E-4B38-B5BD-2BC9AFC844FC", "versionEndExcluding": "1.3.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "user_oidc app is an OpenID Connect user backend for Nextcloud. An attacker could potentially trick the app into accepting a request that is not signed by the correct server. It is recommended that the Nextcloud user_oidc app is upgraded to 1.3.5, 2.0.0, 3.0.0, 4.0.0 or 5.0.0."}, {"lang": "es", "value": "La aplicaci\u00f3n user_oidc es un backend de usuario de OpenID Connect para Nextcloud. Un atacante podr\u00eda enga\u00f1ar a la aplicaci\u00f3n para que acepte una solicitud que no est\u00e9 firmada por el servidor correcto. Se recomienda actualizar la aplicaci\u00f3n user_oidc de Nextcloud a 1.3.5, 2.0.0, 3.0.0, 4.0.0 o 5.0.0."}], "id": "CVE-2024-37886", "lastModified": "2025-08-14T19:03:04.897", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-06-14T16:15:13.800", "references": [{"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vw5h-29xf-g55g"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/nextcloud/user_oidc/pull/715"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking"], "url": "https://hackerone.com/reports/1878391"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vw5h-29xf-g55g"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/nextcloud/user_oidc/pull/715"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://hackerone.com/reports/1878391"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-347"}], "source": "security-advisories@github.com", "type": "Secondary"}]}