SMB User Authentication Bypass in Nextcloud Server and ownCloud Server
CVE-2016-9463

8.1HIGH

Key Information:

Vendor

Owncloud

Status
Nextcloud Server & Owncloud Server Nextcloud Server Before 9.0.54 And 10.0.1 & Owncloud Server Before 9.1.2, 9.0.6, And 8.2.9
Vendor
CVE Published:
28 March 2017

What is CVE-2016-9463?

Nextcloud Server and ownCloud Server exhibit a vulnerability that enables unauthorized access to user accounts through SMB User Authentication Bypass. The issue stems from an optional SMB authentication component that, if configured, allows users to authenticate against an SMB server. Due to improper handling of anonymous authentication configurations that are common in many SMB servers, this vulnerability could allow an unauthenticated attacker to access user accounts without valid credentials. It's important to note that this SMB backend is disabled by default and requires manual configuration in the system's settings.

Affected Version(s)

Nextcloud Server & ownCloud Server Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.1.2, 9.0.6, and 8.2.9 Nextcloud Server & ownCloud Server Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.1.2, 9.0.6, and 8.2.9

References

https://github.com/nextcloud/apps/commit/b85ace6840b8a670...
x_refsource_MISC
https://github.com/owncloud/apps/commit/16cbccfc946c87117...
x_refsource_MISC
https://rhinosecuritylabs.com/2016/10/operation-ownedclou...
x_refsource_MISC

EPSS Score

5% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.