CVE-2024-37886 - Vulnerability Details - OpenCVE

user_oidc app is an OpenID Connect user backend for Nextcloud. An attacker could potentially trick the app into accepting a request that is not signed by the correct server. It is recommended that the Nextcloud user_oidc app is upgraded to 1.3.5, 2.0.0, 3.0.0, 4.0.0 or 5.0.0.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

References

Link	Providers
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vw5h-29xf-g55g
https://github.com/nextcloud/user_oidc/pull/715
https://hackerone.com/reports/1878391

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-06-14T15:45:12.913Z

Updated: 2024-08-02T03:57:40.025Z

Reserved: 2024-06-10T19:54:41.360Z

Link: CVE-2024-37886

Vulnrichment

Updated: 2024-06-15T20:26:23.078Z

NVD

Status : Awaiting Analysis

Published: 2024-06-14T16:15:13.800

Modified: 2024-11-21T09:24:28.280

Link: CVE-2024-37886

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-37886", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-06-10T19:54:41.360Z", "datePublished": "2024-06-14T15:45:12.913Z", "dateUpdated": "2024-08-02T03:57:40.025Z"}, "containers": {"cna": {"title": "Nextcloud user_oidc's ID4me does not validate signature or expiration", "problemTypes": [{"descriptions": [{"cweId": "CWE-347", "lang": "en", "description": "CWE-347: Improper Verification of Cryptographic Signature", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vw5h-29xf-g55g", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vw5h-29xf-g55g"}, {"name": "https://github.com/nextcloud/user_oidc/pull/715", "tags": ["x_refsource_MISC"], "url": "https://github.com/nextcloud/user_oidc/pull/715"}, {"name": "https://hackerone.com/reports/1878391", "tags": ["x_refsource_MISC"], "url": "https://hackerone.com/reports/1878391"}], "affected": [{"vendor": "nextcloud", "product": "security-advisories", "versions": [{"version": "< 1.3.5", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-06-14T15:45:12.913Z"}, "descriptions": [{"lang": "en", "value": "user_oidc app is an OpenID Connect user backend for Nextcloud. An attacker could potentially trick the app into accepting a request that is not signed by the correct server. It is recommended that the Nextcloud user_oidc app is upgraded to 1.3.5, 2.0.0, 3.0.0, 4.0.0 or 5.0.0."}], "source": {"advisory": "GHSA-vw5h-29xf-g55g", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-15T20:26:07.568535Z", "id": "CVE-2024-37886", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-15T20:30:30.682Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:57:40.025Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vw5h-29xf-g55g", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vw5h-29xf-g55g"}, {"name": "https://github.com/nextcloud/user_oidc/pull/715", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/nextcloud/user_oidc/pull/715"}, {"name": "https://hackerone.com/reports/1878391", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://hackerone.com/reports/1878391"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-37886", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-15T20:26:07.568535Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-15T20:26:23.078Z"}}], "cna": {"title": "Nextcloud user_oidc's ID4me does not validate signature or expiration", "source": {"advisory": "GHSA-vw5h-29xf-g55g", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "nextcloud", "product": "security-advisories", "versions": [{"status": "affected", "version": "< 1.3.5"}]}], "references": [{"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vw5h-29xf-g55g", "name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vw5h-29xf-g55g", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/nextcloud/user_oidc/pull/715", "name": "https://github.com/nextcloud/user_oidc/pull/715", "tags": ["x_refsource_MISC"]}, {"url": "https://hackerone.com/reports/1878391", "name": "https://hackerone.com/reports/1878391", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "user_oidc app is an OpenID Connect user backend for Nextcloud. An attacker could potentially trick the app into accepting a request that is not signed by the correct server. It is recommended that the Nextcloud user_oidc app is upgraded to 1.3.5, 2.0.0, 3.0.0, 4.0.0 or 5.0.0."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-347", "description": "CWE-347: Improper Verification of Cryptographic Signature"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-06-14T15:45:12.913Z"}}}, "cveMetadata": {"cveId": "CVE-2024-37886", "state": "PUBLISHED", "dateUpdated": "2024-06-15T20:30:30.682Z", "dateReserved": "2024-06-10T19:54:41.360Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-06-14T15:45:12.913Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}