NVD - CVE-2023-48304

Vulnerability Change Records for CVE-2023-48304

Change History

Initial Analysis by NIST 12/01/2023 10:08:42 AM

Action	Type	Old Value	New Value
Added	CPE Configuration		OR cpe:2.3:a:nextcloud:nextcloud_server:::::enterprise::: versions from (including) 22.0.0 up to (including) 22.2.10.16 cpe:2.3:a:nextcloud:nextcloud_server:::::enterprise::: versions from (including) 23.0.0 up to (excluding) 23.0.12.11 cpe:2.3:a:nextcloud:nextcloud_server:::::enterprise::: versions from (including) 24.0.0 up to (excluding) 24.0.12.7 cpe:2.3:a:nextcloud:nextcloud_server:::::-::: versions from (including) 25.0.0 up to (excluding) 25.0.11 cpe:2.3:a:nextcloud:nextcloud_server:::::enterprise::: versions from (including) 25.0.0 up to (excluding) 25.0.11 cpe:2.3:a:nextcloud:nextcloud_server:::::-::: versions from (including) 26.0.0 up to (excluding) 26.0.6 cpe:2.3:a:nextcloud:nextcloud_server:::::enterprise::: versions from (including) 26.0.0 up to (excluding) 26.0.6 cpe:2.3:a:nextcloud:nextcloud_server:::::-::: versions from (including) 27.0.0 up to (excluding) 27.1.0 cpe:2.3:a:nextcloud:nextcloud_server:::::enterprise::: versions from (including) 27.0.0 up to (excluding) 27.1.0
Added	CVSS V3.1		NIST AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Changed	Reference Type	https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8jwv-c8c8-9fr3 No Types Assigned	https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8jwv-c8c8-9fr3 Vendor Advisory
Changed	Reference Type	https://github.com/nextcloud/server/pull/40292 No Types Assigned	https://github.com/nextcloud/server/pull/40292 Issue Tracking, Patch
Changed	Reference Type	https://hackerone.com/reports/2112973 No Types Assigned	https://hackerone.com/reports/2112973 Exploit, Third Party Advisory