SB2025012096 - Multiple vulnerabilities in Nextcloud Server and Enterprise Server
Published: January 20, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) Improper Authentication (CVE-ID: CVE-2024-52518)
The vulnerability allows a remote user to bypass authentication process.
The vulnerability exists due to missing password confirmation when changing external storage options. A remote administrator can bypass authentication process and gain access to the session of a user or administrator.
2) Cleartext storage of sensitive information (CVE-ID: CVE-2024-52525)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to the user password is available in memory of the PHP process. An administrator with physical access can gain access sensitive information on the target system.
Remediation
Install update from vendor's website.
References
- https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vrhf-532w-99rg
- https://github.com/nextcloud/server/pull/48373
- https://github.com/nextcloud/server/pull/48788
- https://github.com/nextcloud/server/pull/48992
- https://hackerone.com/reports/2602973
- https://github.com/nextcloud/security-advisories/security/advisories/GHSA-w7v5-mgxm-v6gm
- https://github.com/nextcloud/server/pull/48915
- https://github.com/nextcloud/server/commit/d25a0a2896a2a981939cacb8ee0d555feef22b3b