Scope of workflow operations is not validated in nextcloud server
CVE-2023-26482

9.1 CRITICAL

Key Information:

Vendor: Nextcloud

CVE Published: 30 March 2023

What is CVE-2023-26482?

Nextcloud Server, a popular open-source cloud solution, contains a vulnerability that allows users to create workflows that should be restricted to administrators, because the scope of workflow operations is not validated. Depending on the installed applications, this can lead to remote code execution, for example by invoking scripts through a workflow designed to generate PDFs or to call webhooks. The issue therefore presents serious security risks depending on which apps are installed. Users are strongly advised to upgrade to Nextcloud Server version 24.0.10 or 25.0.4 or, if unable to upgrade, to disable the vulnerable apps 'workflow_scripts' and 'workflow_pdf_converter' to mitigate potential exploitation.

Affected Version(s)

security-advisories < 24.0.10 (fixed in 24.0.10)

security-advisories >= 25.0.0, < 25.0.4 (fixed in 25.0.4)

References

EPSS Score

63% chance of being exploited in the next 30 days.

CVSS V3.1

Score: 9.1
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability reserved