CVE-2023-28999 Nextcloud: Lack of authenticity of metadata keys allows a malicious server to gain access to E2EE folders

2023-04-0412:51:08

CWE-325

GitHub_M

www.cve.org

nextcloud

e2ee

vulnerability

desktop

android

ios

fixed

CVSS3

6.9

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

47.8%

JSON

Nextcloud is an open-source productivity platform. In Nextcloud Desktop client 3.0.0 until 3.8.0, Nextcloud Android app 3.13.0 until 3.25.0, and Nextcloud iOS app 3.0.5 until 4.8.0, a malicious server administrator can gain full access to an end-to-end encrypted folder. They can decrypt files, recover the folder structure and add new files. This issue is fixed in Nextcloud Desktop 3.8.0, Nextcloud Android 3.25.0, and Nextcloud iOS 4.8.0. No known workarounds are available.

CNA Affected

[
  {
    "vendor": "nextcloud",
    "product": "security-advisories",
    "versions": [
      {
        "version": ">= 3.0.0, < 3.8.0",
        "status": "affected"
      },
      {
        "version": ">= 3.13.0, < 3.25.0",
        "status": "affected"
      },
      {
        "version": ">= 3.0.5, < 4.8.0",
        "status": "affected"
      }
    ]
  }
]