Bug 2292844 (CVE-2024-37315, CVE-2024-37316, CVE-2024-37317)

Summary: CVE-2024-37315 CVE-2024-37316 CVE-2024-37317 nextcloud: multiple vulnerabilities
Product: [Other] Security Response
Reporter: Patrick Del Bello <pdelbell>
Component: vulnerability
Assignee: Product Security <prodsec-ir-bot>
Status: NEW ---
QA Contact:
Severity: medium
Docs Contact:
Priority: medium
Version: unspecified
Keywords: Security
Target Milestone: ---
Target Release: ---
Hardware: All
OS: Linux
Whiteboard:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Target Upstream Version:
Embargoed:
Bug Depends On: 2292846, 2292845, 2292847, 2292848, 2292849, 2292850
Bug Blocks:

Description Patrick Del Bello 2024-06-18 04:28:50 UTC
The Nextcloud Notes app is a distraction-free note-taking app for Nextcloud. If an attacker managed to share a folder called `Notes/` with a newly created user before they logged in, the Notes app would use that folder to store the personal notes. It is recommended that the Nextcloud Notes app is upgraded to 4.9.3.

https://github.com/nextcloud/notes/pull/1260
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wfqv-cx85-7rjx
https://hackerone.com/reports/2254151

Nextcloud Calendar is a calendar app for Nextcloud. Authenticated users could create an event with manipulated attachment data leading to a bad redirect for participants when clicked. It is recommended that the Nextcloud Calendar App is upgraded to 4.6.8 or 4.7.2.

https://github.com/nextcloud/calendar/pull/5966
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-2r7q-vfmv-79qf
https://hackerone.com/reports/2457588

Nextcloud Server is a self-hosted personal cloud system. An attacker with read-only access to a file is able to restore older versions of a document when the files_versions app is enabled. It is recommended that the Nextcloud Server is upgraded to 26.0.12, 27.1.7 or 28.0.3 and that the Nextcloud Enterprise Server is upgraded to 23.0.12.16, 24.0.12.12, 25.0.13.6, 26.0.12, 27.1.7 or 28.0.3.

https://github.com/nextcloud/security-advisories/security/advisories/GHSA-5mq8-738w-5942
https://github.com/nextcloud/server/pull/43727
https://hackerone.com/reports/1356508

Comment 1 Patrick Del Bello 2024-06-18 04:30:54 UTC
Created nextcloud tracking bugs for this issue:

Affects: fedora-all [bug 2292850]

Created nextcloud-client tracking bugs for this issue:

Affects: epel-all [bug 2292846]
Affects: fedora-all [bug 2292845]

Created nextcloud:23/nextcloud tracking bugs for this issue:

Affects: epel-all [bug 2292847]

Created nextcloud:24/nextcloud tracking bugs for this issue:

Affects: epel-all [bug 2292848]

Created nextcloud:nextcloud-22/nextcloud tracking bugs for this issue:

Affects: epel-all [bug 2292849]