Open redirect in user_saml via RelayState parameter in Nextcloud User Saml
CVE-2024-22400

3.1LOW

Key Information:

Vendor: Nextcloud
Status: Security-advisories
Vendor: CVE Published:; 18 January 2024

🔔 Create Nextcloud Vulnerability Alert

What is CVE-2024-22400?

Nextcloud User Saml is an app for authenticating Nextcloud users using SAML. In affected versions users can be given a link to the Nextcloud server and end up on a uncontrolled thirdparty server. It is recommended that the User Saml app is upgraded to version 5.1.5, 5.2.5, or 6.0.1. There are no known workarounds for this issue.

Affected Version(s)

security-advisories >= 5.0.0, < 5.1.5 < 5.0.0, 5.1.5

security-advisories >= 5.2.0, < 5.2.5 < 5.2.0, 5.2.5

security-advisories >= 6.0.0, < 6.0.1 < 6.0.0, 6.0.1

References

https://github.com/nextcloud/security-advisories/security...

x_refsource_CONFIRM

https://github.com/nextcloud/user_saml/pull/788

x_refsource_MISC

https://github.com/nextcloud/user_saml/commit/b184304a476...

x_refsource_MISC

CVSS V3.1

Score:

3.1

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 18, 2024
Vulnerability Reserved
Jan 10, 2024

.

CVE-2024-22400 : Open redirect in user_saml via RelayState parameter in Nextcloud User Saml