FKIE_CVE-2023-23943

Vulnerability from fkie_nvd - Published: 2023-02-06 21:15 - Updated: 2024-11-21 07:47
Severity ?
5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
Nextcloud mail is an email app for the nextcloud home server platform. In affected versions the SMTP, IMAP and Sieve host fields allowed to scan for internal services and servers reachable from within the local network of the Nextcloud Server. It is recommended that the Nextcloud Maill app is upgraded to 1.15.0 or 2.2.2. The only known workaround for this issue is to completely disable the nextcloud mail app.
References
security-advisories@github.comhttps://github.com/nextcloud/mail/pull/7796Patch
security-advisories@github.comhttps://github.com/nextcloud/security-advisories/security/advisories/GHSA-8gcx-r739-9pf6Vendor Advisory
security-advisories@github.comhttps://hackerone.com/reports/1736390Exploit, Third Party Advisory
security-advisories@github.comhttps://hackerone.com/reports/1741525Exploit, Third Party Advisory
security-advisories@github.comhttps://hackerone.com/reports/1746582Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/nextcloud/mail/pull/7796Patch
af854a3a-2127-422b-91ae-364da2661108https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8gcx-r739-9pf6Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://hackerone.com/reports/1736390Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://hackerone.com/reports/1741525Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://hackerone.com/reports/1746582Exploit, Third Party Advisory
Impacted products
Vendor Product Version
nextcloud mail *
nextcloud mail *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nextcloud:mail:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67598F70-8C1A-4636-920F-FDD4EBD290FE",
              "versionEndExcluding": "1.15.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nextcloud:mail:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C0BF5F-F48B-466D-95C1-94785C25E788",
              "versionEndExcluding": "2.2.2",
              "versionStartIncluding": "2.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Nextcloud mail is an email app for the nextcloud home server platform. In affected versions the SMTP, IMAP and Sieve host fields allowed to scan for internal services and servers reachable from within the local network of the Nextcloud Server. It is recommended that the Nextcloud Maill app is upgraded to 1.15.0 or 2.2.2. The only known workaround for this issue is to completely disable the nextcloud mail app."
    },
    {
      "lang": "es",
      "value": "Nextcloud mail es una aplicaci\u00f3n de correo electr\u00f3nico para la plataforma de servidor dom\u00e9stico nextcloud. En las versiones afectadas, los campos de host SMTP, IMAP y Sieve permit\u00edan escanear servicios internos y servidores accesibles desde la red local del servidor Nextcloud. Se recomienda actualizar la aplicaci\u00f3n Nextcloud Mail a 1.15.0 o 2.2.2. El \u00fanico workaround para este problema es desactivar completamente la aplicaci\u00f3n de correo nextcloud."
    }
  ],
  "id": "CVE-2023-23943",
  "lastModified": "2024-11-21T07:47:09.140",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 1.4,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-02-06T21:15:09.810",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/nextcloud/mail/pull/7796"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8gcx-r739-9pf6"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://hackerone.com/reports/1736390"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://hackerone.com/reports/1741525"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://hackerone.com/reports/1746582"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/nextcloud/mail/pull/7796"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8gcx-r739-9pf6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://hackerone.com/reports/1736390"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://hackerone.com/reports/1741525"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://hackerone.com/reports/1746582"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-918"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.