{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-23943", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-01-19T21:12:31.362Z", "datePublished": "2023-02-06T20:18:33.641Z", "dateUpdated": "2025-03-10T21:16:03.230Z"}, "containers": {"cna": {"title": "Blind SSRF via server URL input in the Nextcloud Mail app", "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "lang": "en", "description": "CWE-918: Server-Side Request Forgery (SSRF)", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8gcx-r739-9pf6", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8gcx-r739-9pf6"}, {"name": "https://github.com/nextcloud/mail/pull/7796", "tags": ["x_refsource_MISC"], "url": "https://github.com/nextcloud/mail/pull/7796"}, {"name": "https://hackerone.com/reports/1736390", "tags": ["x_refsource_MISC"], "url": "https://hackerone.com/reports/1736390"}, {"name": "https://hackerone.com/reports/1741525", "tags": ["x_refsource_MISC"], "url": "https://hackerone.com/reports/1741525"}, {"name": "https://hackerone.com/reports/1746582", "tags": ["x_refsource_MISC"], "url": "https://hackerone.com/reports/1746582"}], "affected": [{"vendor": "nextcloud", "product": "security-advisories", "versions": [{"version": ">= 2.0.0, < 2.2.2", "status": "affected"}, {"version": "< 1.15.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-02-06T20:18:33.641Z"}, "descriptions": [{"lang": "en", "value": "Nextcloud mail is an email app for the nextcloud home server platform. In affected versions the SMTP, IMAP and Sieve host fields allowed to scan for internal services and servers reachable from within the local network of the Nextcloud Server. It is recommended that the Nextcloud Maill app is upgraded to 1.15.0 or 2.2.2. The only known workaround for this issue is to completely disable the nextcloud mail app."}], "source": {"advisory": "GHSA-8gcx-r739-9pf6", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T10:49:08.130Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8gcx-r739-9pf6", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8gcx-r739-9pf6"}, {"name": "https://github.com/nextcloud/mail/pull/7796", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/nextcloud/mail/pull/7796"}, {"name": "https://hackerone.com/reports/1736390", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://hackerone.com/reports/1736390"}, {"name": "https://hackerone.com/reports/1741525", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://hackerone.com/reports/1741525"}, {"name": "https://hackerone.com/reports/1746582", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://hackerone.com/reports/1746582"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-03-10T21:01:20.442040Z", "id": "CVE-2023-23943", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-10T21:16:03.230Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8gcx-r739-9pf6", "name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8gcx-r739-9pf6", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/nextcloud/mail/pull/7796", "name": "https://github.com/nextcloud/mail/pull/7796", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://hackerone.com/reports/1736390", "name": "https://hackerone.com/reports/1736390", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://hackerone.com/reports/1741525", "name": "https://hackerone.com/reports/1741525", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://hackerone.com/reports/1746582", "name": "https://hackerone.com/reports/1746582", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T10:49:08.130Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-23943", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-03-10T21:01:20.442040Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-10T21:01:21.709Z"}}], "cna": {"title": "Blind SSRF via server URL input in the Nextcloud Mail app", "source": {"advisory": "GHSA-8gcx-r739-9pf6", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "nextcloud", "product": "security-advisories", "versions": [{"status": "affected", "version": ">= 2.0.0, < 2.2.2"}, {"status": "affected", "version": "< 1.15.0"}]}], "references": [{"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8gcx-r739-9pf6", "name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8gcx-r739-9pf6", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/nextcloud/mail/pull/7796", "name": "https://github.com/nextcloud/mail/pull/7796", "tags": ["x_refsource_MISC"]}, {"url": "https://hackerone.com/reports/1736390", "name": "https://hackerone.com/reports/1736390", "tags": ["x_refsource_MISC"]}, {"url": "https://hackerone.com/reports/1741525", "name": "https://hackerone.com/reports/1741525", "tags": ["x_refsource_MISC"]}, {"url": "https://hackerone.com/reports/1746582", "name": "https://hackerone.com/reports/1746582", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Nextcloud mail is an email app for the nextcloud home server platform. In affected versions the SMTP, IMAP and Sieve host fields allowed to scan for internal services and servers reachable from within the local network of the Nextcloud Server. It is recommended that the Nextcloud Maill app is upgraded to 1.15.0 or 2.2.2. The only known workaround for this issue is to completely disable the nextcloud mail app."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "CWE-918: Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-02-06T20:18:33.641Z"}}}, "cveMetadata": {"cveId": "CVE-2023-23943", "state": "PUBLISHED", "dateUpdated": "2025-03-10T21:16:03.230Z", "dateReserved": "2023-01-19T21:12:31.362Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2023-02-06T20:18:33.641Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nextcloud:mail:*:*:*:*:*:*:*:*", "matchCriteriaId": "67598F70-8C1A-4636-920F-FDD4EBD290FE", "versionEndExcluding": "1.15.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:nextcloud:mail:*:*:*:*:*:*:*:*", "matchCriteriaId": "45C0BF5F-F48B-466D-95C1-94785C25E788", "versionEndExcluding": "2.2.2", "versionStartIncluding": "2.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Nextcloud mail is an email app for the nextcloud home server platform. In affected versions the SMTP, IMAP and Sieve host fields allowed to scan for internal services and servers reachable from within the local network of the Nextcloud Server. It is recommended that the Nextcloud Maill app is upgraded to 1.15.0 or 2.2.2. The only known workaround for this issue is to completely disable the nextcloud mail app."}, {"lang": "es", "value": "Nextcloud mail es una aplicaci\u00f3n de correo electr\u00f3nico para la plataforma de servidor dom\u00e9stico nextcloud. En las versiones afectadas, los campos de host SMTP, IMAP y Sieve permit\u00edan escanear servicios internos y servidores accesibles desde la red local del servidor Nextcloud. Se recomienda actualizar la aplicaci\u00f3n Nextcloud Mail a 1.15.0 o 2.2.2. El \u00fanico workaround para este problema es desactivar completamente la aplicaci\u00f3n de correo nextcloud."}], "id": "CVE-2023-23943", "lastModified": "2024-11-21T07:47:09.140", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-02-06T21:15:09.810", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/nextcloud/mail/pull/7796"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8gcx-r739-9pf6"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://hackerone.com/reports/1736390"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://hackerone.com/reports/1741525"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://hackerone.com/reports/1746582"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/nextcloud/mail/pull/7796"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8gcx-r739-9pf6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://hackerone.com/reports/1736390"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://hackerone.com/reports/1741525"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://hackerone.com/reports/1746582"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}

{}