CVE-2024-37885 - Vulnerability Details - OpenCVE

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. A code injection in Nextcloud Desktop Client for macOS allowed to load arbitrary code when starting the client with DYLD_INSERT_LIBRARIES set in the enviroment. It is recommended that the Nextcloud Desktop client is upgraded to 3.12.0.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Apple	Macos
Nextcloud	Desktop

Configuration 1 [-]

AND

cpe:2.3:a:nextcloud:desktop:*:*:*:*:*:*:*:*

cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/nextcloud/desktop/pull/6378
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4mf7-v63m-99p7
https://hackerone.com/reports/2307625

History

Mon, 19 Aug 2024 16:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Apple Apple macos Nextcloud Nextcloud desktop
CPEs		cpe:2.3:a:nextcloud:desktop:::::::: cpe:2.3:o:apple:macos:-:::::::*
Vendors & Products		Apple Apple macos Nextcloud Nextcloud desktop

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-06-14T15:42:42.132Z

Updated: 2024-08-02T03:57:39.894Z

Reserved: 2024-06-10T19:54:41.360Z

Link: CVE-2024-37885

Vulnrichment

Updated: 2024-06-14T22:04:39.609Z

NVD

Status : Modified

Published: 2024-06-14T16:15:13.570

Modified: 2024-11-21T09:24:28.147

Link: CVE-2024-37885

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-37885", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-06-10T19:54:41.360Z", "datePublished": "2024-06-14T15:42:42.132Z", "dateUpdated": "2024-08-02T03:57:39.894Z"}, "containers": {"cna": {"title": "Code injection in Nextcloud Desktop Client for macOS", "problemTypes": [{"descriptions": [{"cweId": "CWE-94", "lang": "en", "description": "CWE-94: Improper Control of Generation of Code ('Code Injection')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.8, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4mf7-v63m-99p7", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4mf7-v63m-99p7"}, {"name": "https://github.com/nextcloud/desktop/pull/6378", "tags": ["x_refsource_MISC"], "url": "https://github.com/nextcloud/desktop/pull/6378"}, {"name": "https://hackerone.com/reports/2307625", "tags": ["x_refsource_MISC"], "url": "https://hackerone.com/reports/2307625"}], "affected": [{"vendor": "nextcloud", "product": "security-advisories", "versions": [{"version": "< 3.12.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-06-14T15:42:42.132Z"}, "descriptions": [{"lang": "en", "value": "The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. A code injection in Nextcloud Desktop Client for macOS allowed to load arbitrary code when starting the client with DYLD_INSERT_LIBRARIES set in the enviroment. It is recommended that the Nextcloud Desktop client is upgraded to 3.12.0."}], "source": {"advisory": "GHSA-4mf7-v63m-99p7", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-14T22:04:04.734958Z", "id": "CVE-2024-37885", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-14T22:04:41.991Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:57:39.894Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4mf7-v63m-99p7", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4mf7-v63m-99p7"}, {"name": "https://github.com/nextcloud/desktop/pull/6378", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/nextcloud/desktop/pull/6378"}, {"name": "https://hackerone.com/reports/2307625", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://hackerone.com/reports/2307625"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-37885", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-14T22:04:04.734958Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-14T22:04:39.609Z"}}], "cna": {"title": "Code injection in Nextcloud Desktop Client for macOS", "source": {"advisory": "GHSA-4mf7-v63m-99p7", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.8, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "nextcloud", "product": "security-advisories", "versions": [{"status": "affected", "version": "< 3.12.0"}]}], "references": [{"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4mf7-v63m-99p7", "name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4mf7-v63m-99p7", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/nextcloud/desktop/pull/6378", "name": "https://github.com/nextcloud/desktop/pull/6378", "tags": ["x_refsource_MISC"]}, {"url": "https://hackerone.com/reports/2307625", "name": "https://hackerone.com/reports/2307625", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. A code injection in Nextcloud Desktop Client for macOS allowed to load arbitrary code when starting the client with DYLD_INSERT_LIBRARIES set in the enviroment. It is recommended that the Nextcloud Desktop client is upgraded to 3.12.0."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "CWE-94: Improper Control of Generation of Code ('Code Injection')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-06-14T15:42:42.132Z"}}}, "cveMetadata": {"cveId": "CVE-2024-37885", "state": "PUBLISHED", "dateUpdated": "2024-06-14T22:04:41.991Z", "dateReserved": "2024-06-10T19:54:41.360Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-06-14T15:42:42.132Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nextcloud:desktop:*:*:*:*:*:*:*:*", "matchCriteriaId": "245A525A-2096-44AD-BBAD-412732856CE9", "versionEndExcluding": "3.12.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. A code injection in Nextcloud Desktop Client for macOS allowed to load arbitrary code when starting the client with DYLD_INSERT_LIBRARIES set in the enviroment. It is recommended that the Nextcloud Desktop client is upgraded to 3.12.0."}, {"lang": "es", "value": "Nextcloud Desktop Client es una herramienta para sincronizar archivos desde Nextcloud Server con su computadora. Una inyecci\u00f3n de c\u00f3digo en Nextcloud Desktop Client para macOS permiti\u00f3 cargar c\u00f3digo arbitrario al iniciar el cliente con DYLD_INSERT_LIBRARIES configurado en el entorno. Se recomienda actualizar el cliente de escritorio Nextcloud a 3.12.0. "}], "id": "CVE-2024-37885", "lastModified": "2024-11-21T09:24:28.147", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.8, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 0.3, "impactScore": 3.4, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-06-14T16:15:13.570", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/nextcloud/desktop/pull/6378"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4mf7-v63m-99p7"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking"], "url": "https://hackerone.com/reports/2307625"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/nextcloud/desktop/pull/6378"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4mf7-v63m-99p7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://hackerone.com/reports/2307625"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}